diff --git a/compose/sxp/10.4/ltsc2019/upgrade/xm1/compose-init.ps1 b/compose/sxp/10.4/ltsc2019/upgrade/xm1/compose-init.ps1 new file mode 100644 index 00000000..cc7b9050 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/upgrade/xm1/compose-init.ps1 @@ -0,0 +1,290 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp0","xp1")] + [string]$Topology = "xm1", + + [string] + [ValidateNotNullOrEmpty()] + $EnvFilePath = ".\.env", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SitecoreAdminPassword = "Password12345", + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SqlSaPassword = "Password12345", + + [string] + $SqlServer = "mssql", + + [string] + $SqlUserName = "sa", + + [boolean] + $IsAlwaysEncrypted = $false, + + [string] + $ProcessingEngineTasksDatabaseUserName = "dbo", + + [string] + $CdHost = "$($Topology)cd.localhost", + + [string] + $CmHost = "$($Topology)cm.localhost", + + [string] + $IdHost = "$($Topology)id.localhost", + + # The link to a source NuGet Feed has been updated. + # In case of a name conflict with local PSRepository we suggest unregistering previous version from the host. + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $CertDataFolder = ".\traefik\certs", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; +[boolean]$RootCertificateCreated = $false; + +function Get-EnvironmentVariableNameList { + param( + [string]$EnvFilePath + ) + + $envVariableNameList = @() + $envVariables = Get-Content -Path $EnvFilePath + foreach ($envVariable in $envVariables) { + $envName = $envVariable.Split('=')[0] + $envVariableNameList += $envName + } + return $envVariableNameList +} + +function Populate-EnvironmentFile { + param( + [string]$EnvFilePath, + [hashtable]$EnvVariablesTable + ) + + Write-Information -MessageData "Starting populating '$EnvFilePath' env file variables..." -InformationAction Continue + + $envVariableNameList = Get-EnvironmentVariableNameList -EnvFilePath $EnvFilePath + foreach ($envVariableName in $envVariableNameList){ + if ($EnvVariablesTable.ContainsKey($envVariableName)) { + Set-EnvFileVariable $envVariableName -Value $($EnvVariablesTable[$envVariableName]) -Path $EnvFilePath + } + } + + Write-Information -MessageData "Finish populating '$EnvFilePath' env file variables." -InformationAction Continue +} + +function Add-WindowsHostsFileEntries{ + param( + [string]$EnvFilePath, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting adding Windows hosts file entries for '$Topology' topology..." -InformationAction Continue + + Add-HostsEntry "$CmHost" + Add-HostsEntry "$IdHost" + if (($Topology -eq "xm1") -or ($Topology -eq "xp1")) { + Add-HostsEntry "$CdHost" + } + + Write-Information -MessageData "Finish adding Windows hosts file entries for '$Topology' topology." -InformationAction Continue +} + +function Create-Certificates{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting create certificates for '$Topology' topology..." -InformationAction Continue + + $dnsNames = @("$CdHost", "$CmHost", "$IdHost") + + if ($Topology -eq "xp0") { + $dnsNames = @("$CmHost", "$IdHost") + } + + # Check that Certificate or Key files already exist in the $CertDataFolder + $existingCertificateFiles = Get-ChildItem "$CertDataFolder\*" -Include *.crt, *.key + + if (-not $existingCertificateFiles){ + + # Create Root Certificate file + $rootKey = Create-RSAKey -KeyLength 4096 + $rootCertificate = Create-SelfSignedCertificate -Key $rootKey + Create-CertificateFile -Certificate $rootCertificate -OutCertPath "$CertDataFolder\RootCA.crt" + + # Create Certificate and Key files for each Sitecore role + $dnsNames | ForEach-Object { + $selfSignedKey = Create-RSAKey + $certificate = Create-SelfSignedCertificateWithSignature -Key $selfSignedKey -CommonName $_ -DnsName $_ -RootCertificate $rootCertificate + Create-KeyFile -Key $selfSignedKey -OutKeyPath "$CertDataFolder\$_.key" + Create-CertificateFile -Certificate $certificate -OutCertPath "$CertDataFolder\$_.crt" + } + + Write-Information -MessageData "Finish creating certificates for '$Topology' topology." -InformationAction Continue + return $true + } + else { + Write-Information -MessageData "Certificate files already exist for '$Topology' topology." -InformationAction Continue + return $false + } +} + +function Update-CertsConfigFile{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + $certsConfigFile = Join-Path (Split-Path $CertDataFolder -Parent) "config\dynamic\certs_config.yaml" + $certificatePath = "C:\etc\traefik\certs\" + + $customHostNames = @("$CdHost", "$CmHost", "$IdHost") + if ($Topology -eq "xp0") { + $customHostNames = @("$CmHost", "$IdHost") + } + + $newFileContent = @("tls:", " certificates:") + + foreach ($customHostName in $customHostNames){ + $newFileContent += " - certFile: " + $certificatePath + $customHostName + ".crt" + $newFileContent += " keyFile: " + $certificatePath + $customHostName + ".key" + } + + # Clear certs_config.yaml file + Clear-Content -Path $certsConfigFile + + # Setting new content to the certs_config.yaml file + $newFileContent | Set-Content $certsConfigFile + + Write-Information -MessageData "certs_config.yaml file was successfully updated." -InformationAction Continue +} + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Invoke-ComposeInit { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $idCertPassword = Get-SitecoreRandomString 12 -DisallowSpecial + $envVariablesTable = @{ + "SITECORE_ADMIN_PASSWORD" = $SitecoreAdminPassword + "SQL_SA_PASSWORD" = $SqlSaPassword + "REPORTING_API_KEY" = "00112233445566778899AABBCCDDEEFF" + "TELERIK_ENCRYPTION_KEY" = Get-SitecoreRandomString 128 -DisallowSpecial + "MEDIA_REQUEST_PROTECTION_SHARED_SECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_IDSECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_ID_CERTIFICATE" = (Get-SitecoreCertificateAsBase64String -DnsName "localhost" -Password (ConvertTo-SecureString -String $idCertPassword -Force -AsPlainText) -KeyLength 2048) + "SITECORE_ID_CERTIFICATE_PASSWORD" = $idCertPassword + "SITECORE_LICENSE" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "SQL_SERVER" = $SqlServer + "SQL_USERNAME" = $SqlUserName + "SQL_PASSWORD" = $SqlSaPassword + "IS_ALWAYS_ENCRYPTED" = $IsAlwaysEncrypted + "PROCESSING_ENGINE_TASKS_DATABASE_USERNAME" = $ProcessingEngineTasksDatabaseUserName + "CD_HOST" = $CdHost + "CM_HOST" = $CmHost + "ID_HOST" = $IdHost + "SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY" = Get-SitecoreRandomString 16 -DisallowSpecial + } + + $envFile = Split-Path $EnvFilePath -Leaf + + if($envFile -eq "upgrade.env"){ + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + }else{ + if (!(Test-Path $CertDataFolder)) { + Write-Warning -Message "The certificate '$CertDataFolder' path isn't valid. Please, specify another path for certificates." + return + } + + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + + # Configure TLS/HTTPS certificates + $RootCertificateCreated = Create-Certificates -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + + # The update for the certs_config.yaml file is if Certificates were created for the custom hostnames. + if ($RootCertificateCreated){ + Update-CertsConfigFile -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } + + # Install Root Certificate if it was created + if ($RootCertificateCreated){ + Import-Certificate -FilePath "$CertDataFolder\RootCA.crt" -CertStoreLocation "Cert:\LocalMachine\Root" + } + + # Add Windows hosts file entries + Add-WindowsHostsFileEntries -EnvFilePath $EnvFilePath -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "compose-init-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-ComposeInit *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/upgrade/xm1/docker-compose.upgrade.yml b/compose/sxp/10.4/ltsc2019/upgrade/xm1/docker-compose.upgrade.yml new file mode 100644 index 00000000..7d1c8e99 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/upgrade/xm1/docker-compose.upgrade.yml @@ -0,0 +1,12 @@ +services: + mssql-upgrade: + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xm1-mssql-upgrade:${SITECORE_VERSION} + environment: + Sitecore_ConnectionStrings_Core: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Master;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Web: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Web;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Experienceforms: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Experienceforms;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Database_Upgrade_From_Version: ${DATABASE_UPGRADE_FROM_VERSION} + Database_Upgrade_To_Version: ${DATABASE_UPGRADE_TO_VERSION} + Sitecore_License: ${SITECORE_LICENSE} + isolation: ${ISOLATION} \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/upgrade/xm1/upgrade.env b/compose/sxp/10.4/ltsc2019/upgrade/xm1/upgrade.env new file mode 100644 index 00000000..345a833b --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/upgrade/xm1/upgrade.env @@ -0,0 +1,11 @@ +COMPOSE_PROJECT_NAME=sitecore-xm1 +SITECORE_DOCKER_REGISTRY=scr.sitecore.com/sxp/ +SITECORE_VERSION=10.4-ltsc2019 +SQL_DATABASE_PREFIX=Sitecore +SQL_SERVER= +SQL_USERNAME= +SQL_PASSWORD= +DATABASE_UPGRADE_FROM_VERSION=10.3.0 +DATABASE_UPGRADE_TO_VERSION=10.4.0 +SITECORE_LICENSE= +ISOLATION=default \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/upgrade/xp1/compose-init.ps1 b/compose/sxp/10.4/ltsc2019/upgrade/xp1/compose-init.ps1 new file mode 100644 index 00000000..a28b66c9 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/upgrade/xp1/compose-init.ps1 @@ -0,0 +1,290 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp0","xp1")] + [string]$Topology = "xp1", + + [string] + [ValidateNotNullOrEmpty()] + $EnvFilePath = ".\.env", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SitecoreAdminPassword = "Password12345", + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SqlSaPassword = "Password12345", + + [string] + $SqlServer = "mssql", + + [string] + $SqlUserName = "sa", + + [boolean] + $IsAlwaysEncrypted = $false, + + [string] + $ProcessingEngineTasksDatabaseUserName = "dbo", + + [string] + $CdHost = "$($Topology)cd.localhost", + + [string] + $CmHost = "$($Topology)cm.localhost", + + [string] + $IdHost = "$($Topology)id.localhost", + + # The link to a source NuGet Feed has been updated. + # In case of a name conflict with local PSRepository we suggest unregistering previous version from the host. + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $CertDataFolder = ".\traefik\certs", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; +[boolean]$RootCertificateCreated = $false; + +function Get-EnvironmentVariableNameList { + param( + [string]$EnvFilePath + ) + + $envVariableNameList = @() + $envVariables = Get-Content -Path $EnvFilePath + foreach ($envVariable in $envVariables) { + $envName = $envVariable.Split('=')[0] + $envVariableNameList += $envName + } + return $envVariableNameList +} + +function Populate-EnvironmentFile { + param( + [string]$EnvFilePath, + [hashtable]$EnvVariablesTable + ) + + Write-Information -MessageData "Starting populating '$EnvFilePath' env file variables..." -InformationAction Continue + + $envVariableNameList = Get-EnvironmentVariableNameList -EnvFilePath $EnvFilePath + foreach ($envVariableName in $envVariableNameList){ + if ($EnvVariablesTable.ContainsKey($envVariableName)) { + Set-EnvFileVariable $envVariableName -Value $($EnvVariablesTable[$envVariableName]) -Path $EnvFilePath + } + } + + Write-Information -MessageData "Finish populating '$EnvFilePath' env file variables." -InformationAction Continue +} + +function Add-WindowsHostsFileEntries{ + param( + [string]$EnvFilePath, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting adding Windows hosts file entries for '$Topology' topology..." -InformationAction Continue + + Add-HostsEntry "$CmHost" + Add-HostsEntry "$IdHost" + if (($Topology -eq "xm1") -or ($Topology -eq "xp1")) { + Add-HostsEntry "$CdHost" + } + + Write-Information -MessageData "Finish adding Windows hosts file entries for '$Topology' topology." -InformationAction Continue +} + +function Create-Certificates{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting create certificates for '$Topology' topology..." -InformationAction Continue + + $dnsNames = @("$CdHost", "$CmHost", "$IdHost") + + if ($Topology -eq "xp0") { + $dnsNames = @("$CmHost", "$IdHost") + } + + # Check that Certificate or Key files already exist in the $CertDataFolder + $existingCertificateFiles = Get-ChildItem "$CertDataFolder\*" -Include *.crt, *.key + + if (-not $existingCertificateFiles){ + + # Create Root Certificate file + $rootKey = Create-RSAKey -KeyLength 4096 + $rootCertificate = Create-SelfSignedCertificate -Key $rootKey + Create-CertificateFile -Certificate $rootCertificate -OutCertPath "$CertDataFolder\RootCA.crt" + + # Create Certificate and Key files for each Sitecore role + $dnsNames | ForEach-Object { + $selfSignedKey = Create-RSAKey + $certificate = Create-SelfSignedCertificateWithSignature -Key $selfSignedKey -CommonName $_ -DnsName $_ -RootCertificate $rootCertificate + Create-KeyFile -Key $selfSignedKey -OutKeyPath "$CertDataFolder\$_.key" + Create-CertificateFile -Certificate $certificate -OutCertPath "$CertDataFolder\$_.crt" + } + + Write-Information -MessageData "Finish creating certificates for '$Topology' topology." -InformationAction Continue + return $true + } + else { + Write-Information -MessageData "Certificate files already exist for '$Topology' topology." -InformationAction Continue + return $false + } +} + +function Update-CertsConfigFile{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + $certsConfigFile = Join-Path (Split-Path $CertDataFolder -Parent) "config\dynamic\certs_config.yaml" + $certificatePath = "C:\etc\traefik\certs\" + + $customHostNames = @("$CdHost", "$CmHost", "$IdHost") + if ($Topology -eq "xp0") { + $customHostNames = @("$CmHost", "$IdHost") + } + + $newFileContent = @("tls:", " certificates:") + + foreach ($customHostName in $customHostNames){ + $newFileContent += " - certFile: " + $certificatePath + $customHostName + ".crt" + $newFileContent += " keyFile: " + $certificatePath + $customHostName + ".key" + } + + # Clear certs_config.yaml file + Clear-Content -Path $certsConfigFile + + # Setting new content to the certs_config.yaml file + $newFileContent | Set-Content $certsConfigFile + + Write-Information -MessageData "certs_config.yaml file was successfully updated." -InformationAction Continue +} + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Invoke-ComposeInit { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $idCertPassword = Get-SitecoreRandomString 12 -DisallowSpecial + $envVariablesTable = @{ + "SITECORE_ADMIN_PASSWORD" = $SitecoreAdminPassword + "SQL_SA_PASSWORD" = $SqlSaPassword + "REPORTING_API_KEY" = "00112233445566778899AABBCCDDEEFF" + "TELERIK_ENCRYPTION_KEY" = Get-SitecoreRandomString 128 -DisallowSpecial + "MEDIA_REQUEST_PROTECTION_SHARED_SECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_IDSECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_ID_CERTIFICATE" = (Get-SitecoreCertificateAsBase64String -DnsName "localhost" -Password (ConvertTo-SecureString -String $idCertPassword -Force -AsPlainText) -KeyLength 2048) + "SITECORE_ID_CERTIFICATE_PASSWORD" = $idCertPassword + "SITECORE_LICENSE" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "SQL_SERVER" = $SqlServer + "SQL_USERNAME" = $SqlUserName + "SQL_PASSWORD" = $SqlSaPassword + "IS_ALWAYS_ENCRYPTED" = $IsAlwaysEncrypted + "PROCESSING_ENGINE_TASKS_DATABASE_USERNAME" = $ProcessingEngineTasksDatabaseUserName + "CD_HOST" = $CdHost + "CM_HOST" = $CmHost + "ID_HOST" = $IdHost + "SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY" = Get-SitecoreRandomString 16 -DisallowSpecial + } + + $envFile = Split-Path $EnvFilePath -Leaf + + if($envFile -eq "upgrade.env"){ + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + }else{ + if (!(Test-Path $CertDataFolder)) { + Write-Warning -Message "The certificate '$CertDataFolder' path isn't valid. Please, specify another path for certificates." + return + } + + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + + # Configure TLS/HTTPS certificates + $RootCertificateCreated = Create-Certificates -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + + # The update for the certs_config.yaml file is if Certificates were created for the custom hostnames. + if ($RootCertificateCreated){ + Update-CertsConfigFile -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } + + # Install Root Certificate if it was created + if ($RootCertificateCreated){ + Import-Certificate -FilePath "$CertDataFolder\RootCA.crt" -CertStoreLocation "Cert:\LocalMachine\Root" + } + + # Add Windows hosts file entries + Add-WindowsHostsFileEntries -EnvFilePath $EnvFilePath -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "compose-init-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-ComposeInit *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/upgrade/xp1/docker-compose.upgrade.yml b/compose/sxp/10.4/ltsc2019/upgrade/xp1/docker-compose.upgrade.yml new file mode 100644 index 00000000..db32d208 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/upgrade/xp1/docker-compose.upgrade.yml @@ -0,0 +1,21 @@ +services: + mssql-upgrade: + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-mssql-upgrade:${SITECORE_VERSION} + environment: + IS_ALWAYS_ENCRYPTED: ${IS_ALWAYS_ENCRYPTED} + PROCESSING_ENGINE_TASKS_DATABASE_USERNAME: ${PROCESSING_ENGINE_TASKS_DATABASE_USERNAME} + Sitecore_ConnectionStrings_Core: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Master;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Web: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Web;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Experienceforms: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Experienceforms;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Processing_Engine_Tasks: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Tasks;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Xdb_Collection_Shard0: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Xdb.Collection.Shard0;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Xdb_Collection_Shard1: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Xdb.Collection.Shard1;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Sitecore_ConnectionStrings_Processing_Pools: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Pools;User ID=${SQL_USERNAME};Password=${SQL_PASSWORD} + Database_Upgrade_From_Version: ${DATABASE_UPGRADE_FROM_VERSION} + Database_Upgrade_To_Version: ${DATABASE_UPGRADE_TO_VERSION} + Sitecore_License: ${SITECORE_LICENSE} + isolation: ${ISOLATION} \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/upgrade/xp1/upgrade.env b/compose/sxp/10.4/ltsc2019/upgrade/xp1/upgrade.env new file mode 100644 index 00000000..9b89b6d2 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/upgrade/xp1/upgrade.env @@ -0,0 +1,13 @@ +COMPOSE_PROJECT_NAME=sitecore-xp1 +SITECORE_DOCKER_REGISTRY=scr.sitecore.com/sxp/ +SITECORE_VERSION=10.4-ltsc2019 +SQL_DATABASE_PREFIX=Sitecore +SQL_SERVER= +SQL_USERNAME= +SQL_PASSWORD= +IS_ALWAYS_ENCRYPTED= +PROCESSING_ENGINE_TASKS_DATABASE_USERNAME= +DATABASE_UPGRADE_FROM_VERSION=10.3.0 +DATABASE_UPGRADE_TO_VERSION=10.4.0 +SITECORE_LICENSE= +ISOLATION=default \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/.env b/compose/sxp/10.4/ltsc2019/xm1/.env new file mode 100644 index 00000000..74880d63 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/.env @@ -0,0 +1,29 @@ +COMPOSE_PROJECT_NAME=sitecore-xm1 +SITECORE_DOCKER_REGISTRY=scr.sitecore.com/sxp/ +SITECORE_VERSION=10.4-ltsc2019 +EXTERNAL_IMAGE_TAG_SUFFIX=ltsc2019 +SITECORE_ADMIN_PASSWORD= +SQL_SERVER=mssql +SQL_SA_LOGIN=sa +SQL_SA_PASSWORD= +SQL_DATABASE_PREFIX=Sitecore +SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM= +TELERIK_ENCRYPTION_KEY= +SITECORE_GRAPHQL_ENABLED=true +SITECORE_GRAPHQL_EXPOSEPLAYGROUND=false +# You should change the encryption key to a random string and not use the default value +SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY=432A462D4A614E64 +SITECORE_IDSECRET= +SITECORE_ID_CERTIFICATE= +SITECORE_ID_CERTIFICATE_PASSWORD= +SITECORE_LICENSE= +CD_HOST=xm1cd.localhost +CM_HOST=xm1cm.localhost +ID_HOST=xm1id.localhost +TRAEFIK_IMAGE=traefik:v2.11.0-windowsservercore-1809 +TRAEFIK_ISOLATION=default +ISOLATION=default +SOLR_CORE_PREFIX_NAME=sitecore +# You should change the shared secret to a random string and not use the default value +MEDIA_REQUEST_PROTECTION_SHARED_SECRET=HQ(NjM(u6_5koVla-cTf4ta8x1h6Sb+ZcUQrULUz-0Afpx0cx-NuMtIoQkpDFmX5 +LOG_LEVEL_VALUE=INFO \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/compose-init.ps1 b/compose/sxp/10.4/ltsc2019/xm1/compose-init.ps1 new file mode 100644 index 00000000..cc7b9050 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/compose-init.ps1 @@ -0,0 +1,290 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp0","xp1")] + [string]$Topology = "xm1", + + [string] + [ValidateNotNullOrEmpty()] + $EnvFilePath = ".\.env", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SitecoreAdminPassword = "Password12345", + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SqlSaPassword = "Password12345", + + [string] + $SqlServer = "mssql", + + [string] + $SqlUserName = "sa", + + [boolean] + $IsAlwaysEncrypted = $false, + + [string] + $ProcessingEngineTasksDatabaseUserName = "dbo", + + [string] + $CdHost = "$($Topology)cd.localhost", + + [string] + $CmHost = "$($Topology)cm.localhost", + + [string] + $IdHost = "$($Topology)id.localhost", + + # The link to a source NuGet Feed has been updated. + # In case of a name conflict with local PSRepository we suggest unregistering previous version from the host. + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $CertDataFolder = ".\traefik\certs", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; +[boolean]$RootCertificateCreated = $false; + +function Get-EnvironmentVariableNameList { + param( + [string]$EnvFilePath + ) + + $envVariableNameList = @() + $envVariables = Get-Content -Path $EnvFilePath + foreach ($envVariable in $envVariables) { + $envName = $envVariable.Split('=')[0] + $envVariableNameList += $envName + } + return $envVariableNameList +} + +function Populate-EnvironmentFile { + param( + [string]$EnvFilePath, + [hashtable]$EnvVariablesTable + ) + + Write-Information -MessageData "Starting populating '$EnvFilePath' env file variables..." -InformationAction Continue + + $envVariableNameList = Get-EnvironmentVariableNameList -EnvFilePath $EnvFilePath + foreach ($envVariableName in $envVariableNameList){ + if ($EnvVariablesTable.ContainsKey($envVariableName)) { + Set-EnvFileVariable $envVariableName -Value $($EnvVariablesTable[$envVariableName]) -Path $EnvFilePath + } + } + + Write-Information -MessageData "Finish populating '$EnvFilePath' env file variables." -InformationAction Continue +} + +function Add-WindowsHostsFileEntries{ + param( + [string]$EnvFilePath, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting adding Windows hosts file entries for '$Topology' topology..." -InformationAction Continue + + Add-HostsEntry "$CmHost" + Add-HostsEntry "$IdHost" + if (($Topology -eq "xm1") -or ($Topology -eq "xp1")) { + Add-HostsEntry "$CdHost" + } + + Write-Information -MessageData "Finish adding Windows hosts file entries for '$Topology' topology." -InformationAction Continue +} + +function Create-Certificates{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting create certificates for '$Topology' topology..." -InformationAction Continue + + $dnsNames = @("$CdHost", "$CmHost", "$IdHost") + + if ($Topology -eq "xp0") { + $dnsNames = @("$CmHost", "$IdHost") + } + + # Check that Certificate or Key files already exist in the $CertDataFolder + $existingCertificateFiles = Get-ChildItem "$CertDataFolder\*" -Include *.crt, *.key + + if (-not $existingCertificateFiles){ + + # Create Root Certificate file + $rootKey = Create-RSAKey -KeyLength 4096 + $rootCertificate = Create-SelfSignedCertificate -Key $rootKey + Create-CertificateFile -Certificate $rootCertificate -OutCertPath "$CertDataFolder\RootCA.crt" + + # Create Certificate and Key files for each Sitecore role + $dnsNames | ForEach-Object { + $selfSignedKey = Create-RSAKey + $certificate = Create-SelfSignedCertificateWithSignature -Key $selfSignedKey -CommonName $_ -DnsName $_ -RootCertificate $rootCertificate + Create-KeyFile -Key $selfSignedKey -OutKeyPath "$CertDataFolder\$_.key" + Create-CertificateFile -Certificate $certificate -OutCertPath "$CertDataFolder\$_.crt" + } + + Write-Information -MessageData "Finish creating certificates for '$Topology' topology." -InformationAction Continue + return $true + } + else { + Write-Information -MessageData "Certificate files already exist for '$Topology' topology." -InformationAction Continue + return $false + } +} + +function Update-CertsConfigFile{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + $certsConfigFile = Join-Path (Split-Path $CertDataFolder -Parent) "config\dynamic\certs_config.yaml" + $certificatePath = "C:\etc\traefik\certs\" + + $customHostNames = @("$CdHost", "$CmHost", "$IdHost") + if ($Topology -eq "xp0") { + $customHostNames = @("$CmHost", "$IdHost") + } + + $newFileContent = @("tls:", " certificates:") + + foreach ($customHostName in $customHostNames){ + $newFileContent += " - certFile: " + $certificatePath + $customHostName + ".crt" + $newFileContent += " keyFile: " + $certificatePath + $customHostName + ".key" + } + + # Clear certs_config.yaml file + Clear-Content -Path $certsConfigFile + + # Setting new content to the certs_config.yaml file + $newFileContent | Set-Content $certsConfigFile + + Write-Information -MessageData "certs_config.yaml file was successfully updated." -InformationAction Continue +} + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Invoke-ComposeInit { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $idCertPassword = Get-SitecoreRandomString 12 -DisallowSpecial + $envVariablesTable = @{ + "SITECORE_ADMIN_PASSWORD" = $SitecoreAdminPassword + "SQL_SA_PASSWORD" = $SqlSaPassword + "REPORTING_API_KEY" = "00112233445566778899AABBCCDDEEFF" + "TELERIK_ENCRYPTION_KEY" = Get-SitecoreRandomString 128 -DisallowSpecial + "MEDIA_REQUEST_PROTECTION_SHARED_SECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_IDSECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_ID_CERTIFICATE" = (Get-SitecoreCertificateAsBase64String -DnsName "localhost" -Password (ConvertTo-SecureString -String $idCertPassword -Force -AsPlainText) -KeyLength 2048) + "SITECORE_ID_CERTIFICATE_PASSWORD" = $idCertPassword + "SITECORE_LICENSE" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "SQL_SERVER" = $SqlServer + "SQL_USERNAME" = $SqlUserName + "SQL_PASSWORD" = $SqlSaPassword + "IS_ALWAYS_ENCRYPTED" = $IsAlwaysEncrypted + "PROCESSING_ENGINE_TASKS_DATABASE_USERNAME" = $ProcessingEngineTasksDatabaseUserName + "CD_HOST" = $CdHost + "CM_HOST" = $CmHost + "ID_HOST" = $IdHost + "SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY" = Get-SitecoreRandomString 16 -DisallowSpecial + } + + $envFile = Split-Path $EnvFilePath -Leaf + + if($envFile -eq "upgrade.env"){ + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + }else{ + if (!(Test-Path $CertDataFolder)) { + Write-Warning -Message "The certificate '$CertDataFolder' path isn't valid. Please, specify another path for certificates." + return + } + + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + + # Configure TLS/HTTPS certificates + $RootCertificateCreated = Create-Certificates -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + + # The update for the certs_config.yaml file is if Certificates were created for the custom hostnames. + if ($RootCertificateCreated){ + Update-CertsConfigFile -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } + + # Install Root Certificate if it was created + if ($RootCertificateCreated){ + Import-Certificate -FilePath "$CertDataFolder\RootCA.crt" -CertStoreLocation "Cert:\LocalMachine\Root" + } + + # Add Windows hosts file entries + Add-WindowsHostsFileEntries -EnvFilePath $EnvFilePath -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "compose-init-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-ComposeInit *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/device-detection-data/readme.md b/compose/sxp/10.4/ltsc2019/xm1/device-detection-data/readme.md new file mode 100644 index 00000000..fe38d074 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/device-detection-data/readme.md @@ -0,0 +1 @@ +device detection database will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/docker-compose.yml b/compose/sxp/10.4/ltsc2019/xm1/docker-compose.yml new file mode 100644 index 00000000..44366724 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/docker-compose.yml @@ -0,0 +1,182 @@ +services: + traefik: + isolation: ${TRAEFIK_ISOLATION} + image: ${TRAEFIK_IMAGE} + command: + - "--ping" + - "--api.insecure=true" + - "--providers.docker.endpoint=npipe:////./pipe/docker_engine" + - "--providers.docker.exposedByDefault=false" + - "--providers.file.directory=C:/etc/traefik/config/dynamic" + - "--entryPoints.websecure.address=:443" + - "--entryPoints.websecure.forwardedHeaders.insecure" + ports: + - "443:443" + - "8079:8080" + healthcheck: + test: ["CMD", "traefik", "healthcheck", "--ping"] + volumes: + - source: \\.\pipe\docker_engine + target: \\.\pipe\docker_engine + type: npipe + - ./traefik:C:/etc/traefik + depends_on: + id: + condition: service_healthy + cd: + condition: service_healthy + cm: + condition: service_healthy + redis: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}redis:3.2.100-${EXTERNAL_IMAGE_TAG_SUFFIX} + mssql: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}nonproduction/mssql-developer:2022-${EXTERNAL_IMAGE_TAG_SUFFIX} + environment: + SA_PASSWORD: ${SQL_SA_PASSWORD} + ACCEPT_EULA: "Y" + ports: + - "14330:1433" + volumes: + - type: bind + source: .\mssql-data + target: c:\data + mssql-init: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xm1-mssql-init:${SITECORE_VERSION} + environment: + SQL_SERVER: ${SQL_SERVER} + SQL_ADMIN_LOGIN: ${SQL_SA_LOGIN} + SQL_ADMIN_PASSWORD: ${SQL_SA_PASSWORD} + SQL_DATABASE_PREFIX: ${SQL_DATABASE_PREFIX} + SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM: ${SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM} + SITECORE_ADMIN_PASSWORD: ${SITECORE_ADMIN_PASSWORD} + POST_DEPLOYMENT_WAIT_PERIOD: 300 + healthcheck: + test: ["CMD", "powershell", "-command", "if ([System.Environment]::GetEnvironmentVariable('DatabasesDeploymentStatus', 'Machine') -eq 'Complete') { exit 0 } else { exit 1}"] + start_period: 300s + interval: 5s + depends_on: + mssql: + condition: service_healthy + solr: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}nonproduction/solr:8.11.2-${EXTERNAL_IMAGE_TAG_SUFFIX} + ports: + - "8984:8983" + volumes: + - type: bind + source: .\solr-data + target: c:\data + environment: + SOLR_MODE: solrcloud + healthcheck: + test: ["CMD", "powershell", "-command", "try { $$statusCode = (iwr http://solr:8983/solr/admin/cores?action=STATUS -UseBasicParsing).StatusCode; if ($$statusCode -eq 200) { exit 0 } else { exit 1} } catch { exit 1 }"] + solr-init: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xm1-solr-init:${SITECORE_VERSION} + environment: + SITECORE_SOLR_CONNECTION_STRING: http://solr:8983/solr + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + depends_on: + solr: + condition: service_healthy + id: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-id7:${SITECORE_VERSION} + environment: + Sitecore_Sitecore__IdentityServer__SitecoreMemberShipOptions__ConnectionString: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_Sitecore__IdentityServer__AccountOptions__PasswordRecoveryUrl: https://${CM_HOST}/sitecore/login?rc=1 + Sitecore_Sitecore__IdentityServer__Clients__PasswordClient__ClientSecrets__ClientSecret1: ${SITECORE_IDSECRET} + Sitecore_Sitecore__IdentityServer__Clients__DefaultClient__AllowedCorsOrigins__AllowedCorsOriginsGroup1: https://${CM_HOST} + Sitecore_Sitecore__IdentityServer__CertificateRawData: ${SITECORE_ID_CERTIFICATE} + Sitecore_Sitecore__IdentityServer__PublicOrigin: https://${ID_HOST} + Sitecore_Sitecore__IdentityServer__CertificateRawDataPassword: ${SITECORE_ID_CERTIFICATE_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "pwsh", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + depends_on: + mssql-init: + condition: service_healthy + labels: + - "traefik.enable=true" + - "traefik.http.routers.id-secure.entrypoints=websecure" + - "traefik.http.routers.id-secure.rule=Host(`${ID_HOST}`)" + - "traefik.http.routers.id-secure.tls=true" + cd: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xm1-cd:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + solr-init: + condition: service_started + redis: + condition: service_started + environment: + Sitecore_AppSettings_instanceNameMode:define: default + Sitecore_ConnectionStrings_Security: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Web: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Web;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_ExperienceForms: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.ExperienceForms;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Solr.Search: http://solr:8983/solr;solrCloud=true + Sitecore_ConnectionStrings_Redis.Sessions: redis:6379,ssl=False,abortConnect=False + Sitecore_License: ${SITECORE_LICENSE} + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + MEDIA_REQUEST_PROTECTION_SHARED_SECRET: ${MEDIA_REQUEST_PROTECTION_SHARED_SECRET} + LOG_LEVEL_VALUE: ${LOG_LEVEL_VALUE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.routers.cd-secure.entrypoints=websecure" + - "traefik.http.routers.cd-secure.rule=Host(`${CD_HOST}`)" + - "traefik.http.routers.cd-secure.tls=true" + volumes: + - "./device-detection-data:C:/inetpub/wwwroot/App_Data/DeviceDetection" + cm: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xm1-cm:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + solr-init: + condition: service_started + id: + condition: service_started + environment: + Sitecore_AppSettings_instanceNameMode:define: default + Sitecore_ConnectionStrings_Core: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Security: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Master;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Web: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Web;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_ExperienceForms: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.ExperienceForms;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Solr.Search: http://solr:8983/solr;solrCloud=true + Sitecore_ConnectionStrings_Sitecoreidentity.secret: ${SITECORE_IDSECRET} + Sitecore_AppSettings_Telerik.AsyncUpload.ConfigurationEncryptionKey: ${TELERIK_ENCRYPTION_KEY} + Sitecore_AppSettings_Telerik.Upload.ConfigurationHashKey: ${TELERIK_ENCRYPTION_KEY} + Sitecore_AppSettings_Telerik.Web.UI.DialogParametersEncryptionKey: ${TELERIK_ENCRYPTION_KEY} + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_GraphQL_Enabled: ${SITECORE_GRAPHQL_ENABLED} + Sitecore_GraphQL_ExposePlayground: ${SITECORE_GRAPHQL_EXPOSEPLAYGROUND} + Sitecore_GraphQL_UploadMediaOptions_EncryptionKey: ${SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY} + Sitecore_Identity_Server_Authority: https://${ID_HOST} + Sitecore_Identity_Server_InternalAuthority: http://id + Sitecore_Identity_Server_CallbackAuthority: https://${CM_HOST} + Sitecore_Identity_Server_Require_Https: "false" + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + MEDIA_REQUEST_PROTECTION_SHARED_SECRET: ${MEDIA_REQUEST_PROTECTION_SHARED_SECRET} + LOG_LEVEL_VALUE: ${LOG_LEVEL_VALUE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.force-STS-Header.headers.forceSTSHeader=true" + - "traefik.http.middlewares.force-STS-Header.headers.stsSeconds=31536000" + - "traefik.http.routers.cm-secure.entrypoints=websecure" + - "traefik.http.routers.cm-secure.rule=Host(`${CM_HOST}`)" + - "traefik.http.routers.cm-secure.tls=true" + - "traefik.http.routers.cm-secure.middlewares=force-STS-Header" \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/mssql-data/readme.md b/compose/sxp/10.4/ltsc2019/xm1/mssql-data/readme.md new file mode 100644 index 00000000..d3edaed8 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/mssql-data/readme.md @@ -0,0 +1 @@ +database files will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/solr-data/readme.md b/compose/sxp/10.4/ltsc2019/xm1/solr-data/readme.md new file mode 100644 index 00000000..7a168695 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/solr-data/readme.md @@ -0,0 +1 @@ +solr indexes will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/traefik/certs/readme b/compose/sxp/10.4/ltsc2019/xm1/traefik/certs/readme new file mode 100644 index 00000000..7ab7c0a6 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/traefik/certs/readme @@ -0,0 +1,7 @@ +Add TLS certificates for xm1cd.localhost, xm1cm.localhost and xm1id.localhost hosts to this folder: + xm1cd.localhost.crt + xm1cd.localhost.key + xm1cm.localhost.crt + xm1cm.localhost.key + xm1id.localhost.crt + xm1id.localhost.key \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xm1/traefik/config/dynamic/certs_config.yaml b/compose/sxp/10.4/ltsc2019/xm1/traefik/config/dynamic/certs_config.yaml new file mode 100644 index 00000000..abb005ae --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xm1/traefik/config/dynamic/certs_config.yaml @@ -0,0 +1,8 @@ +tls: + certificates: + - certFile: C:\etc\traefik\certs\xm1cd.localhost.crt + keyFile: C:\etc\traefik\certs\xm1cd.localhost.key + - certFile: C:\etc\traefik\certs\xm1cm.localhost.crt + keyFile: C:\etc\traefik\certs\xm1cm.localhost.key + - certFile: C:\etc\traefik\certs\xm1id.localhost.crt + keyFile: C:\etc\traefik\certs\xm1id.localhost.key \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/.env b/compose/sxp/10.4/ltsc2019/xp0/.env new file mode 100644 index 00000000..c7b0b410 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/.env @@ -0,0 +1,28 @@ +COMPOSE_PROJECT_NAME=sitecore-xp0 +SITECORE_DOCKER_REGISTRY=scr.sitecore.com/sxp/ +SITECORE_VERSION=10.4-ltsc2019 +EXTERNAL_IMAGE_TAG_SUFFIX=ltsc2019 +SITECORE_ADMIN_PASSWORD= +SQL_SERVER=mssql +SQL_SA_LOGIN=sa +SQL_SA_PASSWORD= +SQL_DATABASE_PREFIX=Sitecore +SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM= +TELERIK_ENCRYPTION_KEY= +SITECORE_GRAPHQL_ENABLED=true +SITECORE_GRAPHQL_EXPOSEPLAYGROUND=false +# You should change the encryption key to a random string and not use the default value +SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY=432A462D4A614E64 +SITECORE_IDSECRET= +SITECORE_ID_CERTIFICATE= +SITECORE_ID_CERTIFICATE_PASSWORD= +SITECORE_LICENSE= +CM_HOST=xp0cm.localhost +ID_HOST=xp0id.localhost +TRAEFIK_IMAGE=traefik:v2.11.0-windowsservercore-1809 +TRAEFIK_ISOLATION=default +ISOLATION=default +SOLR_CORE_PREFIX_NAME=sitecore +# You should change the shared secret to a random string and not use the default value +MEDIA_REQUEST_PROTECTION_SHARED_SECRET=HQ(NjM(u6_5koVla-cTf4ta8x1h6Sb+ZcUQrULUz-0Afpx0cx-NuMtIoQkpDFmX5 +LOG_LEVEL_VALUE=INFO \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/compose-init.ps1 b/compose/sxp/10.4/ltsc2019/xp0/compose-init.ps1 new file mode 100644 index 00000000..26281ba4 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/compose-init.ps1 @@ -0,0 +1,290 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp0","xp1")] + [string]$Topology = "xp0", + + [string] + [ValidateNotNullOrEmpty()] + $EnvFilePath = ".\.env", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SitecoreAdminPassword = "Password12345", + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SqlSaPassword = "Password12345", + + [string] + $SqlServer = "mssql", + + [string] + $SqlUserName = "sa", + + [boolean] + $IsAlwaysEncrypted = $false, + + [string] + $ProcessingEngineTasksDatabaseUserName = "dbo", + + [string] + $CdHost = "$($Topology)cd.localhost", + + [string] + $CmHost = "$($Topology)cm.localhost", + + [string] + $IdHost = "$($Topology)id.localhost", + + # The link to a source NuGet Feed has been updated. + # In case of a name conflict with local PSRepository we suggest unregistering previous version from the host. + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $CertDataFolder = ".\traefik\certs", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; +[boolean]$RootCertificateCreated = $false; + +function Get-EnvironmentVariableNameList { + param( + [string]$EnvFilePath + ) + + $envVariableNameList = @() + $envVariables = Get-Content -Path $EnvFilePath + foreach ($envVariable in $envVariables) { + $envName = $envVariable.Split('=')[0] + $envVariableNameList += $envName + } + return $envVariableNameList +} + +function Populate-EnvironmentFile { + param( + [string]$EnvFilePath, + [hashtable]$EnvVariablesTable + ) + + Write-Information -MessageData "Starting populating '$EnvFilePath' env file variables..." -InformationAction Continue + + $envVariableNameList = Get-EnvironmentVariableNameList -EnvFilePath $EnvFilePath + foreach ($envVariableName in $envVariableNameList){ + if ($EnvVariablesTable.ContainsKey($envVariableName)) { + Set-EnvFileVariable $envVariableName -Value $($EnvVariablesTable[$envVariableName]) -Path $EnvFilePath + } + } + + Write-Information -MessageData "Finish populating '$EnvFilePath' env file variables." -InformationAction Continue +} + +function Add-WindowsHostsFileEntries{ + param( + [string]$EnvFilePath, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting adding Windows hosts file entries for '$Topology' topology..." -InformationAction Continue + + Add-HostsEntry "$CmHost" + Add-HostsEntry "$IdHost" + if (($Topology -eq "xm1") -or ($Topology -eq "xp1")) { + Add-HostsEntry "$CdHost" + } + + Write-Information -MessageData "Finish adding Windows hosts file entries for '$Topology' topology." -InformationAction Continue +} + +function Create-Certificates{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting create certificates for '$Topology' topology..." -InformationAction Continue + + $dnsNames = @("$CdHost", "$CmHost", "$IdHost") + + if ($Topology -eq "xp0") { + $dnsNames = @("$CmHost", "$IdHost") + } + + # Check that Certificate or Key files already exist in the $CertDataFolder + $existingCertificateFiles = Get-ChildItem "$CertDataFolder\*" -Include *.crt, *.key + + if (-not $existingCertificateFiles){ + + # Create Root Certificate file + $rootKey = Create-RSAKey -KeyLength 4096 + $rootCertificate = Create-SelfSignedCertificate -Key $rootKey + Create-CertificateFile -Certificate $rootCertificate -OutCertPath "$CertDataFolder\RootCA.crt" + + # Create Certificate and Key files for each Sitecore role + $dnsNames | ForEach-Object { + $selfSignedKey = Create-RSAKey + $certificate = Create-SelfSignedCertificateWithSignature -Key $selfSignedKey -CommonName $_ -DnsName $_ -RootCertificate $rootCertificate + Create-KeyFile -Key $selfSignedKey -OutKeyPath "$CertDataFolder\$_.key" + Create-CertificateFile -Certificate $certificate -OutCertPath "$CertDataFolder\$_.crt" + } + + Write-Information -MessageData "Finish creating certificates for '$Topology' topology." -InformationAction Continue + return $true + } + else { + Write-Information -MessageData "Certificate files already exist for '$Topology' topology." -InformationAction Continue + return $false + } +} + +function Update-CertsConfigFile{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + $certsConfigFile = Join-Path (Split-Path $CertDataFolder -Parent) "config\dynamic\certs_config.yaml" + $certificatePath = "C:\etc\traefik\certs\" + + $customHostNames = @("$CdHost", "$CmHost", "$IdHost") + if ($Topology -eq "xp0") { + $customHostNames = @("$CmHost", "$IdHost") + } + + $newFileContent = @("tls:", " certificates:") + + foreach ($customHostName in $customHostNames){ + $newFileContent += " - certFile: " + $certificatePath + $customHostName + ".crt" + $newFileContent += " keyFile: " + $certificatePath + $customHostName + ".key" + } + + # Clear certs_config.yaml file + Clear-Content -Path $certsConfigFile + + # Setting new content to the certs_config.yaml file + $newFileContent | Set-Content $certsConfigFile + + Write-Information -MessageData "certs_config.yaml file was successfully updated." -InformationAction Continue +} + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Invoke-ComposeInit { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $idCertPassword = Get-SitecoreRandomString 12 -DisallowSpecial + $envVariablesTable = @{ + "SITECORE_ADMIN_PASSWORD" = $SitecoreAdminPassword + "SQL_SA_PASSWORD" = $SqlSaPassword + "REPORTING_API_KEY" = "00112233445566778899AABBCCDDEEFF" + "TELERIK_ENCRYPTION_KEY" = Get-SitecoreRandomString 128 -DisallowSpecial + "MEDIA_REQUEST_PROTECTION_SHARED_SECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_IDSECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_ID_CERTIFICATE" = (Get-SitecoreCertificateAsBase64String -DnsName "localhost" -Password (ConvertTo-SecureString -String $idCertPassword -Force -AsPlainText) -KeyLength 2048) + "SITECORE_ID_CERTIFICATE_PASSWORD" = $idCertPassword + "SITECORE_LICENSE" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "SQL_SERVER" = $SqlServer + "SQL_USERNAME" = $SqlUserName + "SQL_PASSWORD" = $SqlSaPassword + "IS_ALWAYS_ENCRYPTED" = $IsAlwaysEncrypted + "PROCESSING_ENGINE_TASKS_DATABASE_USERNAME" = $ProcessingEngineTasksDatabaseUserName + "CD_HOST" = $CdHost + "CM_HOST" = $CmHost + "ID_HOST" = $IdHost + "SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY" = Get-SitecoreRandomString 16 -DisallowSpecial + } + + $envFile = Split-Path $EnvFilePath -Leaf + + if($envFile -eq "upgrade.env"){ + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + }else{ + if (!(Test-Path $CertDataFolder)) { + Write-Warning -Message "The certificate '$CertDataFolder' path isn't valid. Please, specify another path for certificates." + return + } + + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + + # Configure TLS/HTTPS certificates + $RootCertificateCreated = Create-Certificates -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + + # The update for the certs_config.yaml file is if Certificates were created for the custom hostnames. + if ($RootCertificateCreated){ + Update-CertsConfigFile -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } + + # Install Root Certificate if it was created + if ($RootCertificateCreated){ + Import-Certificate -FilePath "$CertDataFolder\RootCA.crt" -CertStoreLocation "Cert:\LocalMachine\Root" + } + + # Add Windows hosts file entries + Add-WindowsHostsFileEntries -EnvFilePath $EnvFilePath -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "compose-init-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-ComposeInit *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/device-detection-data/readme.md b/compose/sxp/10.4/ltsc2019/xp0/device-detection-data/readme.md new file mode 100644 index 00000000..fe38d074 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/device-detection-data/readme.md @@ -0,0 +1 @@ +device detection database will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/docker-compose.yml b/compose/sxp/10.4/ltsc2019/xp0/docker-compose.yml new file mode 100644 index 00000000..81bd2d8f --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/docker-compose.yml @@ -0,0 +1,234 @@ +services: + traefik: + isolation: ${TRAEFIK_ISOLATION} + image: ${TRAEFIK_IMAGE} + command: + - "--ping" + - "--api.insecure=true" + - "--providers.docker.endpoint=npipe:////./pipe/docker_engine" + - "--providers.docker.exposedByDefault=false" + - "--providers.file.directory=C:/etc/traefik/config/dynamic" + - "--entryPoints.websecure.address=:443" + - "--entryPoints.websecure.forwardedHeaders.insecure" + ports: + - "443:443" + - "8079:8080" + healthcheck: + test: ["CMD", "traefik", "healthcheck", "--ping"] + volumes: + - source: \\.\pipe\docker_engine + target: \\.\pipe\docker_engine + type: npipe + - ./traefik:C:/etc/traefik + depends_on: + id: + condition: service_healthy + cm: + condition: service_healthy + mssql: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}nonproduction/mssql-developer:2022-${EXTERNAL_IMAGE_TAG_SUFFIX} + environment: + SA_PASSWORD: ${SQL_SA_PASSWORD} + ACCEPT_EULA: "Y" + ports: + - "14330:1433" + volumes: + - type: bind + source: .\mssql-data + target: c:\data + mssql-init: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-mssql-init:${SITECORE_VERSION} + environment: + SQL_SERVER: ${SQL_SERVER} + SQL_ADMIN_LOGIN: ${SQL_SA_LOGIN} + SQL_ADMIN_PASSWORD: ${SQL_SA_PASSWORD} + SQL_DATABASE_PREFIX: ${SQL_DATABASE_PREFIX} + SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM: ${SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM} + SITECORE_ADMIN_PASSWORD: ${SITECORE_ADMIN_PASSWORD} + POST_DEPLOYMENT_WAIT_PERIOD: 300 + healthcheck: + test: ["CMD", "powershell", "-command", "if ([System.Environment]::GetEnvironmentVariable('DatabasesDeploymentStatus', 'Machine') -eq 'Complete') { exit 0 } else { exit 1}"] + start_period: 300s + interval: 5s + depends_on: + mssql: + condition: service_healthy + solr: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}nonproduction/solr:8.11.2-${EXTERNAL_IMAGE_TAG_SUFFIX} + ports: + - "8984:8983" + volumes: + - type: bind + source: .\solr-data + target: c:\data + environment: + SOLR_MODE: solrcloud + healthcheck: + test: ["CMD", "powershell", "-command", "try { $$statusCode = (iwr http://solr:8983/solr/admin/cores?action=STATUS -UseBasicParsing).StatusCode; if ($$statusCode -eq 200) { exit 0 } else { exit 1} } catch { exit 1 }"] + solr-init: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp0-solr-init:${SITECORE_VERSION} + environment: + SITECORE_SOLR_CONNECTION_STRING: http://solr:8983/solr + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + depends_on: + solr: + condition: service_healthy + id: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-id7:${SITECORE_VERSION} + environment: + Sitecore_Sitecore__IdentityServer__SitecoreMemberShipOptions__ConnectionString: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_Sitecore__IdentityServer__AccountOptions__PasswordRecoveryUrl: https://${CM_HOST}/sitecore/login?rc=1 + Sitecore_Sitecore__IdentityServer__Clients__PasswordClient__ClientSecrets__ClientSecret1: ${SITECORE_IDSECRET} + Sitecore_Sitecore__IdentityServer__Clients__DefaultClient__AllowedCorsOrigins__AllowedCorsOriginsGroup1: https://${CM_HOST} + Sitecore_Sitecore__IdentityServer__CertificateRawData: ${SITECORE_ID_CERTIFICATE} + Sitecore_Sitecore__IdentityServer__PublicOrigin: https://${ID_HOST} + Sitecore_Sitecore__IdentityServer__CertificateRawDataPassword: ${SITECORE_ID_CERTIFICATE_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "pwsh", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + depends_on: + mssql-init: + condition: service_healthy + labels: + - "traefik.enable=true" + - "traefik.http.routers.id-secure.entrypoints=websecure" + - "traefik.http.routers.id-secure.rule=Host(`${ID_HOST}`)" + - "traefik.http.routers.id-secure.tls=true" + cm: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp0-cm:${SITECORE_VERSION} + depends_on: + id: + condition: service_started + xconnect: + condition: service_started + environment: + Sitecore_ConnectionStrings_Core: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Security: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Master;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Web: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Web;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Processing.Pools: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.pools;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Processing.Tasks: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.tasks;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_ExperienceForms: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.ExperienceForms;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Exm.Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Exm.master;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Sitecore.Reporting.Client: http://xconnect + Sitecore_ConnectionStrings_Cortex.Processing.Engine: http://xconnect + Sitecore_ConnectionStrings_Solr.Search: http://solr:8983/solr;solrCloud=true + Sitecore_ConnectionStrings_SitecoreIdentity.Secret: ${SITECORE_IDSECRET} + Sitecore_ConnectionStrings_XConnect.Collection: http://xconnect + Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Operations.Client: http://xconnect + Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Reporting.Client: http://xconnect + Sitecore_ConnectionStrings_Xdb.ReferenceData.Client: http://xconnect + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_GraphQL_Enabled: ${SITECORE_GRAPHQL_ENABLED} + Sitecore_GraphQL_ExposePlayground: ${SITECORE_GRAPHQL_EXPOSEPLAYGROUND} + Sitecore_GraphQL_UploadMediaOptions_EncryptionKey: ${SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY} + Sitecore_Identity_Server_Authority: https://${ID_HOST} + Sitecore_Identity_Server_InternalAuthority: http://id + Sitecore_Identity_Server_CallbackAuthority: https://${CM_HOST} + Sitecore_Identity_Server_Require_Https: "false" + Sitecore_Analytics_Forwarded_Request_Http_Header: X-Forwarded-For + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + MEDIA_REQUEST_PROTECTION_SHARED_SECRET: ${MEDIA_REQUEST_PROTECTION_SHARED_SECRET} + LOG_LEVEL_VALUE: ${LOG_LEVEL_VALUE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.force-STS-Header.headers.forceSTSHeader=true" + - "traefik.http.middlewares.force-STS-Header.headers.stsSeconds=31536000" + - "traefik.http.routers.cm-secure.entrypoints=websecure" + - "traefik.http.routers.cm-secure.rule=Host(`${CM_HOST}`)" + - "traefik.http.routers.cm-secure.tls=true" + - "traefik.http.routers.cm-secure.middlewares=force-STS-Header" + volumes: + - "./device-detection-data:C:/inetpub/wwwroot/App_Data/DeviceDetection" + xconnect: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp0-xconnect:${SITECORE_VERSION} + ports: + - "8081:80" + depends_on: + mssql-init: + condition: service_healthy + solr-init: + condition: service_started + environment: + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Processing.Engine.Storage: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Storage;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Processing.Engine.Tasks: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Tasks;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Processing.Pools: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.pools;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Collection: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Xdb.Collection.ShardMapManager;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_SolrCore: http://solr:8983/solr/${SOLR_CORE_PREFIX_NAME}_xdb;solrCloud=true + Sitecore_Sitecore:XConnect:CollectionSearch:Services:Solr.SolrReaderSettings:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:CollectionSearch:Services:XConnectSolrHealthCheckServicesConfiguration:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:SearchIndexer:Services:Solr.SolrReaderSettings:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:SearchIndexer:Services:Solr.SolrWriterSettings:Options:RequireHttps: 'false' + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + xdbsearchworker: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp0-xdbsearchworker:${SITECORE_VERSION} + depends_on: + xconnect: + condition: service_healthy + restart: unless-stopped + environment: + Sitecore_ConnectionStrings_Collection: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Xdb.Collection.ShardMapManager;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_SolrCore: http://solr:8983/solr/${SOLR_CORE_PREFIX_NAME}_xdb;solrCloud=true + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_Sitecore:XConnect:SearchIndexer:Services:Solr.SolrReaderSettings:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:SearchIndexer:Services:Solr.SolrWriterSettings:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:CollectionSearch:Services:XConnectSolrHealthCheckServicesConfiguration:Options:RequireHttps: 'false' + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1 -Port 8080"] + timeout: 300s + xdbautomationworker: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp0-xdbautomationworker:${SITECORE_VERSION} + depends_on: + xconnect: + condition: service_healthy + restart: unless-stopped + environment: + Sitecore_ConnectionStrings_XConnect.Collection: http://xconnect + Sitecore_ConnectionStrings_Xdb.Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1 -Port 8080"] + timeout: 300s + cortexprocessingworker: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp0-cortexprocessingworker:${SITECORE_VERSION} + depends_on: + xconnect: + condition: service_healthy + restart: unless-stopped + environment: + Sitecore_ConnectionStrings_Processing.Engine.Storage: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Storage;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Processing.Engine.Tasks: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Tasks;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_XConnect.Collection: http://xconnect + Sitecore_ConnectionStrings_XConnect.Configuration: http://xconnect + Sitecore_ConnectionStrings_XConnect.Search: http://xconnect + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1 -Port 8080"] + timeout: 300s \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/mssql-data/readme.md b/compose/sxp/10.4/ltsc2019/xp0/mssql-data/readme.md new file mode 100644 index 00000000..d3edaed8 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/mssql-data/readme.md @@ -0,0 +1 @@ +database files will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/solr-data/readme.md b/compose/sxp/10.4/ltsc2019/xp0/solr-data/readme.md new file mode 100644 index 00000000..7a168695 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/solr-data/readme.md @@ -0,0 +1 @@ +solr indexes will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/traefik/certs/readme b/compose/sxp/10.4/ltsc2019/xp0/traefik/certs/readme new file mode 100644 index 00000000..1176e9a9 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/traefik/certs/readme @@ -0,0 +1,5 @@ +Add TLS certificates for xp0cm.localhost and xp0id.localhost hosts to this folder: + xp0cm.localhost.crt + xp0cm.localhost.key + xp0id.localhost.crt + xp0id.localhost.key \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp0/traefik/config/dynamic/certs_config.yaml b/compose/sxp/10.4/ltsc2019/xp0/traefik/config/dynamic/certs_config.yaml new file mode 100644 index 00000000..45581422 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp0/traefik/config/dynamic/certs_config.yaml @@ -0,0 +1,6 @@ +tls: + certificates: + - certFile: C:\etc\traefik\certs\xp0cm.localhost.crt + keyFile: C:\etc\traefik\certs\xp0cm.localhost.key + - certFile: C:\etc\traefik\certs\xp0id.localhost.crt + keyFile: C:\etc\traefik\certs\xp0id.localhost.key \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/.env b/compose/sxp/10.4/ltsc2019/xp1/.env new file mode 100644 index 00000000..bc4ee83e --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/.env @@ -0,0 +1,30 @@ +COMPOSE_PROJECT_NAME=sitecore-xp1 +SITECORE_DOCKER_REGISTRY=scr.sitecore.com/sxp/ +SITECORE_VERSION=10.4-ltsc2019 +EXTERNAL_IMAGE_TAG_SUFFIX=ltsc2019 +SITECORE_ADMIN_PASSWORD= +SQL_SERVER=mssql +SQL_SA_LOGIN=sa +SQL_SA_PASSWORD= +SQL_DATABASE_PREFIX=Sitecore +SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM= +REPORTING_API_KEY= +TELERIK_ENCRYPTION_KEY= +SITECORE_GRAPHQL_ENABLED=true +SITECORE_GRAPHQL_EXPOSEPLAYGROUND=false +# You should change the encryption key to a random string and not use the default value +SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY=432A462D4A614E64 +SITECORE_IDSECRET= +SITECORE_ID_CERTIFICATE= +SITECORE_ID_CERTIFICATE_PASSWORD= +SITECORE_LICENSE= +CD_HOST=xp1cd.localhost +CM_HOST=xp1cm.localhost +ID_HOST=xp1id.localhost +TRAEFIK_IMAGE=traefik:v2.11.0-windowsservercore-1809 +TRAEFIK_ISOLATION=default +ISOLATION=default +SOLR_CORE_PREFIX_NAME=sitecore +# You should change the shared secret to a random string and not use the default value +MEDIA_REQUEST_PROTECTION_SHARED_SECRET=HQ(NjM(u6_5koVla-cTf4ta8x1h6Sb+ZcUQrULUz-0Afpx0cx-NuMtIoQkpDFmX5 +LOG_LEVEL_VALUE=INFO \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/compose-init.ps1 b/compose/sxp/10.4/ltsc2019/xp1/compose-init.ps1 new file mode 100644 index 00000000..a28b66c9 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/compose-init.ps1 @@ -0,0 +1,290 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp0","xp1")] + [string]$Topology = "xp1", + + [string] + [ValidateNotNullOrEmpty()] + $EnvFilePath = ".\.env", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SitecoreAdminPassword = "Password12345", + + # We do not need to use [SecureString] here since the value will be stored unencrypted in .env, + # and used only for transient local example environment. + [string] + $SqlSaPassword = "Password12345", + + [string] + $SqlServer = "mssql", + + [string] + $SqlUserName = "sa", + + [boolean] + $IsAlwaysEncrypted = $false, + + [string] + $ProcessingEngineTasksDatabaseUserName = "dbo", + + [string] + $CdHost = "$($Topology)cd.localhost", + + [string] + $CmHost = "$($Topology)cm.localhost", + + [string] + $IdHost = "$($Topology)id.localhost", + + # The link to a source NuGet Feed has been updated. + # In case of a name conflict with local PSRepository we suggest unregistering previous version from the host. + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $CertDataFolder = ".\traefik\certs", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; +[boolean]$RootCertificateCreated = $false; + +function Get-EnvironmentVariableNameList { + param( + [string]$EnvFilePath + ) + + $envVariableNameList = @() + $envVariables = Get-Content -Path $EnvFilePath + foreach ($envVariable in $envVariables) { + $envName = $envVariable.Split('=')[0] + $envVariableNameList += $envName + } + return $envVariableNameList +} + +function Populate-EnvironmentFile { + param( + [string]$EnvFilePath, + [hashtable]$EnvVariablesTable + ) + + Write-Information -MessageData "Starting populating '$EnvFilePath' env file variables..." -InformationAction Continue + + $envVariableNameList = Get-EnvironmentVariableNameList -EnvFilePath $EnvFilePath + foreach ($envVariableName in $envVariableNameList){ + if ($EnvVariablesTable.ContainsKey($envVariableName)) { + Set-EnvFileVariable $envVariableName -Value $($EnvVariablesTable[$envVariableName]) -Path $EnvFilePath + } + } + + Write-Information -MessageData "Finish populating '$EnvFilePath' env file variables." -InformationAction Continue +} + +function Add-WindowsHostsFileEntries{ + param( + [string]$EnvFilePath, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting adding Windows hosts file entries for '$Topology' topology..." -InformationAction Continue + + Add-HostsEntry "$CmHost" + Add-HostsEntry "$IdHost" + if (($Topology -eq "xm1") -or ($Topology -eq "xp1")) { + Add-HostsEntry "$CdHost" + } + + Write-Information -MessageData "Finish adding Windows hosts file entries for '$Topology' topology." -InformationAction Continue +} + +function Create-Certificates{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + Write-Information -MessageData "Starting create certificates for '$Topology' topology..." -InformationAction Continue + + $dnsNames = @("$CdHost", "$CmHost", "$IdHost") + + if ($Topology -eq "xp0") { + $dnsNames = @("$CmHost", "$IdHost") + } + + # Check that Certificate or Key files already exist in the $CertDataFolder + $existingCertificateFiles = Get-ChildItem "$CertDataFolder\*" -Include *.crt, *.key + + if (-not $existingCertificateFiles){ + + # Create Root Certificate file + $rootKey = Create-RSAKey -KeyLength 4096 + $rootCertificate = Create-SelfSignedCertificate -Key $rootKey + Create-CertificateFile -Certificate $rootCertificate -OutCertPath "$CertDataFolder\RootCA.crt" + + # Create Certificate and Key files for each Sitecore role + $dnsNames | ForEach-Object { + $selfSignedKey = Create-RSAKey + $certificate = Create-SelfSignedCertificateWithSignature -Key $selfSignedKey -CommonName $_ -DnsName $_ -RootCertificate $rootCertificate + Create-KeyFile -Key $selfSignedKey -OutKeyPath "$CertDataFolder\$_.key" + Create-CertificateFile -Certificate $certificate -OutCertPath "$CertDataFolder\$_.crt" + } + + Write-Information -MessageData "Finish creating certificates for '$Topology' topology." -InformationAction Continue + return $true + } + else { + Write-Information -MessageData "Certificate files already exist for '$Topology' topology." -InformationAction Continue + return $false + } +} + +function Update-CertsConfigFile{ + param( + [string]$CertDataFolder, + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + $certsConfigFile = Join-Path (Split-Path $CertDataFolder -Parent) "config\dynamic\certs_config.yaml" + $certificatePath = "C:\etc\traefik\certs\" + + $customHostNames = @("$CdHost", "$CmHost", "$IdHost") + if ($Topology -eq "xp0") { + $customHostNames = @("$CmHost", "$IdHost") + } + + $newFileContent = @("tls:", " certificates:") + + foreach ($customHostName in $customHostNames){ + $newFileContent += " - certFile: " + $certificatePath + $customHostName + ".crt" + $newFileContent += " keyFile: " + $certificatePath + $customHostName + ".key" + } + + # Clear certs_config.yaml file + Clear-Content -Path $certsConfigFile + + # Setting new content to the certs_config.yaml file + $newFileContent | Set-Content $certsConfigFile + + Write-Information -MessageData "certs_config.yaml file was successfully updated." -InformationAction Continue +} + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Invoke-ComposeInit { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $idCertPassword = Get-SitecoreRandomString 12 -DisallowSpecial + $envVariablesTable = @{ + "SITECORE_ADMIN_PASSWORD" = $SitecoreAdminPassword + "SQL_SA_PASSWORD" = $SqlSaPassword + "REPORTING_API_KEY" = "00112233445566778899AABBCCDDEEFF" + "TELERIK_ENCRYPTION_KEY" = Get-SitecoreRandomString 128 -DisallowSpecial + "MEDIA_REQUEST_PROTECTION_SHARED_SECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_IDSECRET" = Get-SitecoreRandomString 64 -DisallowSpecial + "SITECORE_ID_CERTIFICATE" = (Get-SitecoreCertificateAsBase64String -DnsName "localhost" -Password (ConvertTo-SecureString -String $idCertPassword -Force -AsPlainText) -KeyLength 2048) + "SITECORE_ID_CERTIFICATE_PASSWORD" = $idCertPassword + "SITECORE_LICENSE" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "SQL_SERVER" = $SqlServer + "SQL_USERNAME" = $SqlUserName + "SQL_PASSWORD" = $SqlSaPassword + "IS_ALWAYS_ENCRYPTED" = $IsAlwaysEncrypted + "PROCESSING_ENGINE_TASKS_DATABASE_USERNAME" = $ProcessingEngineTasksDatabaseUserName + "CD_HOST" = $CdHost + "CM_HOST" = $CmHost + "ID_HOST" = $IdHost + "SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY" = Get-SitecoreRandomString 16 -DisallowSpecial + } + + $envFile = Split-Path $EnvFilePath -Leaf + + if($envFile -eq "upgrade.env"){ + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + }else{ + if (!(Test-Path $CertDataFolder)) { + Write-Warning -Message "The certificate '$CertDataFolder' path isn't valid. Please, specify another path for certificates." + return + } + + # Populate the environment file + Populate-EnvironmentFile -EnvFilePath $EnvFilePath -EnvVariablesTable $envVariablesTable + + # Configure TLS/HTTPS certificates + $RootCertificateCreated = Create-Certificates -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + + # The update for the certs_config.yaml file is if Certificates were created for the custom hostnames. + if ($RootCertificateCreated){ + Update-CertsConfigFile -CertDataFolder $CertDataFolder -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } + + # Install Root Certificate if it was created + if ($RootCertificateCreated){ + Import-Certificate -FilePath "$CertDataFolder\RootCA.crt" -CertStoreLocation "Cert:\LocalMachine\Root" + } + + # Add Windows hosts file entries + Add-WindowsHostsFileEntries -EnvFilePath $EnvFilePath -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + } +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "compose-init-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-ComposeInit *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/device-detection-data/readme.md b/compose/sxp/10.4/ltsc2019/xp1/device-detection-data/readme.md new file mode 100644 index 00000000..fe38d074 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/device-detection-data/readme.md @@ -0,0 +1 @@ +device detection database will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/docker-compose.yml b/compose/sxp/10.4/ltsc2019/xp1/docker-compose.yml new file mode 100644 index 00000000..011700ac --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/docker-compose.yml @@ -0,0 +1,407 @@ +services: + traefik: + isolation: ${TRAEFIK_ISOLATION} + image: ${TRAEFIK_IMAGE} + command: + - "--ping" + - "--api.insecure=true" + - "--providers.docker.endpoint=npipe:////./pipe/docker_engine" + - "--providers.docker.exposedByDefault=false" + - "--providers.file.directory=C:/etc/traefik/config/dynamic" + - "--entryPoints.websecure.address=:443" + - "--entryPoints.websecure.forwardedHeaders.insecure" + ports: + - "443:443" + - "8079:8080" + healthcheck: + test: ["CMD", "traefik", "healthcheck", "--ping"] + volumes: + - source: \\.\pipe\docker_engine + target: \\.\pipe\docker_engine + type: npipe + - ./traefik:C:/etc/traefik + depends_on: + id: + condition: service_healthy + cd: + condition: service_healthy + cm: + condition: service_healthy + redis: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}redis:3.2.100-${EXTERNAL_IMAGE_TAG_SUFFIX} + mssql: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}nonproduction/mssql-developer:2022-${EXTERNAL_IMAGE_TAG_SUFFIX} + environment: + SA_PASSWORD: ${SQL_SA_PASSWORD} + ACCEPT_EULA: "Y" + ports: + - "14330:1433" + volumes: + - type: bind + source: .\mssql-data + target: c:\data + mssql-init: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-mssql-init:${SITECORE_VERSION} + environment: + SQL_SERVER: ${SQL_SERVER} + SQL_ADMIN_LOGIN: ${SQL_SA_LOGIN} + SQL_ADMIN_PASSWORD: ${SQL_SA_PASSWORD} + SQL_DATABASE_PREFIX: ${SQL_DATABASE_PREFIX} + SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM: ${SQL_CUSTOM_DATABASE_PREFIX_UPDATE_FROM} + SITECORE_ADMIN_PASSWORD: ${SITECORE_ADMIN_PASSWORD} + POST_DEPLOYMENT_WAIT_PERIOD: 300 + healthcheck: + test: ["CMD", "powershell", "-command", "if ([System.Environment]::GetEnvironmentVariable('DatabasesDeploymentStatus', 'Machine') -eq 'Complete') { exit 0 } else { exit 1}"] + start_period: 300s + interval: 5s + depends_on: + mssql: + condition: service_healthy + solr: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}nonproduction/solr:8.11.2-${EXTERNAL_IMAGE_TAG_SUFFIX} + ports: + - "8984:8983" + volumes: + - type: bind + source: .\solr-data + target: c:\data + environment: + SOLR_MODE: solrcloud + healthcheck: + test: ["CMD", "powershell", "-command", "try { $$statusCode = (iwr http://solr:8983/solr/admin/cores?action=STATUS -UseBasicParsing).StatusCode; if ($$statusCode -eq 200) { exit 0 } else { exit 1} } catch { exit 1 }"] + solr-init: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-solr-init:${SITECORE_VERSION} + environment: + SITECORE_SOLR_CONNECTION_STRING: http://solr:8983/solr + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + depends_on: + solr: + condition: service_healthy + id: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-id7:${SITECORE_VERSION} + environment: + Sitecore_Sitecore__IdentityServer__SitecoreMemberShipOptions__ConnectionString: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_Sitecore__IdentityServer__AccountOptions__PasswordRecoveryUrl: https://${CM_HOST}/sitecore/login?rc=1 + Sitecore_Sitecore__IdentityServer__Clients__PasswordClient__ClientSecrets__ClientSecret1: ${SITECORE_IDSECRET} + Sitecore_Sitecore__IdentityServer__Clients__DefaultClient__AllowedCorsOrigins__AllowedCorsOriginsGroup1: https://${CM_HOST} + Sitecore_Sitecore__IdentityServer__CertificateRawData: ${SITECORE_ID_CERTIFICATE} + Sitecore_Sitecore__IdentityServer__PublicOrigin: https://${ID_HOST} + Sitecore_Sitecore__IdentityServer__CertificateRawDataPassword: ${SITECORE_ID_CERTIFICATE_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "pwsh", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + depends_on: + mssql-init: + condition: service_healthy + labels: + - "traefik.enable=true" + - "traefik.http.routers.id-secure.entrypoints=websecure" + - "traefik.http.routers.id-secure.rule=Host(`${ID_HOST}`)" + - "traefik.http.routers.id-secure.tls=true" + cd: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-cd:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + redis: + condition: service_started + xdbcollection: + condition: service_started + xdbautomation: + condition: service_started + xdbautomationrpt: + condition: service_started + xdbrefdata: + condition: service_started + environment: + Sitecore_AppSettings_instanceNameMode:define: default + Sitecore_ConnectionStrings_Security: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Web: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Web;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_ExperienceForms: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.ExperienceForms;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Exm.Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Exm.master;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Solr.Search: http://solr:8983/solr;solrCloud=true + Sitecore_ConnectionStrings_XConnect.Collection: http://xdbcollection + Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Operations.Client: http://xdbautomation + Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Reporting.Client: http://xdbautomationrpt + Sitecore_ConnectionStrings_Xdb.ReferenceData.Client: http://xdbrefdata + Sitecore_ConnectionStrings_Redis.Sessions: redis:6379,ssl=False,abortConnect=False + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_Analytics_Forwarded_Request_Http_Header: X-Forwarded-For + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + MEDIA_REQUEST_PROTECTION_SHARED_SECRET: ${MEDIA_REQUEST_PROTECTION_SHARED_SECRET} + LOG_LEVEL_VALUE: ${LOG_LEVEL_VALUE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.routers.cd-secure.entrypoints=websecure" + - "traefik.http.routers.cd-secure.rule=Host(`${CD_HOST}`)" + - "traefik.http.routers.cd-secure.tls=true" + volumes: + - "./device-detection-data:C:/inetpub/wwwroot/App_Data/DeviceDetection" + cm: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-cm:${SITECORE_VERSION} + depends_on: + id: + condition: service_started + cortexreporting: + condition: service_started + cortexprocessing: + condition: service_started + xdbcollection: + condition: service_started + xdbsearch: + condition: service_started + xdbautomation: + condition: service_started + xdbautomationrpt: + condition: service_started + xdbrefdata: + condition: service_started + environment: + Sitecore_AppSettings_instanceNameMode:define: default + Sitecore_ConnectionStrings_Core: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Security: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Master;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Web: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Web;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Reporting.ApiKey: ${REPORTING_API_KEY} + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_ExperienceForms: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.ExperienceForms;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Exm.Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Exm.master;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Sitecore.Reporting.Client: http://cortexreporting + Sitecore_ConnectionStrings_Cortex.Processing.Engine: http://cortexprocessing + Sitecore_ConnectionStrings_Solr.Search: http://solr:8983/solr;solrCloud=true + Sitecore_ConnectionStrings_SitecoreIdentity.Secret: ${SITECORE_IDSECRET} + Sitecore_ConnectionStrings_XConnect.Collection: http://xdbcollection + Sitecore_ConnectionStrings_XConnect.Search: http://xdbsearch + Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Operations.Client: http://xdbautomation + Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Reporting.Client: http://xdbautomationrpt + Sitecore_ConnectionStrings_Xdb.ReferenceData.Client: http://xdbrefdata + Sitecore_Processing_Service_Url: http://prc + Sitecore_Processing_Service_Require_Https: 'false' + Sitecore_AppSettings_Telerik.AsyncUpload.ConfigurationEncryptionKey: ${TELERIK_ENCRYPTION_KEY} + Sitecore_AppSettings_Telerik.Upload.ConfigurationHashKey: ${TELERIK_ENCRYPTION_KEY} + Sitecore_AppSettings_Telerik.Web.UI.DialogParametersEncryptionKey: ${TELERIK_ENCRYPTION_KEY} + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_GraphQL_Enabled: ${SITECORE_GRAPHQL_ENABLED} + Sitecore_GraphQL_ExposePlayground: ${SITECORE_GRAPHQL_EXPOSEPLAYGROUND} + Sitecore_GraphQL_UploadMediaOptions_EncryptionKey: ${SITECORE_GRAPHQL_UPLOADMEDIAOPTIONS_ENCRYPTIONKEY} + Sitecore_Identity_Server_Authority: https://${ID_HOST} + Sitecore_Identity_Server_InternalAuthority: http://id + Sitecore_Identity_Server_CallbackAuthority: https://${CM_HOST} + Sitecore_Identity_Server_Require_Https: "false" + SOLR_CORE_PREFIX_NAME: ${SOLR_CORE_PREFIX_NAME} + MEDIA_REQUEST_PROTECTION_SHARED_SECRET: ${MEDIA_REQUEST_PROTECTION_SHARED_SECRET} + LOG_LEVEL_VALUE: ${LOG_LEVEL_VALUE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.force-STS-Header.headers.forceSTSHeader=true" + - "traefik.http.middlewares.force-STS-Header.headers.stsSeconds=31536000" + - "traefik.http.routers.cm-secure.entrypoints=websecure" + - "traefik.http.routers.cm-secure.rule=Host(`${CM_HOST}`)" + - "traefik.http.routers.cm-secure.tls=true" + - "traefik.http.routers.cm-secure.middlewares=force-STS-Header" + prc: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-prc:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + xdbcollection: + condition: service_started + environment: + Sitecore_AppSettings_instanceNameMode:define: default + Sitecore_ConnectionStrings_Core: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Security: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Core;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Master: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Master;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Reporting.ApiKey: ${REPORTING_API_KEY} + Sitecore_ConnectionStrings_Xdb.Processing.Pools: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.pools;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Processing.Tasks: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.tasks;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_XConnect.Collection: http://xdbcollection + Sitecore_License: ${SITECORE_LICENSE} + MEDIA_REQUEST_PROTECTION_SHARED_SECRET: ${MEDIA_REQUEST_PROTECTION_SHARED_SECRET} + LOG_LEVEL_VALUE: ${LOG_LEVEL_VALUE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + xdbcollection: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-xdbcollection:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + environment: + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Processing.Pools: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.pools;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Collection: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Xdb.Collection.ShardMapManager;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + xdbsearch: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-xdbsearch:${SITECORE_VERSION} + depends_on: + xdbcollection: + condition: service_healthy + solr-init: + condition: service_started + environment: + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Processing.Pools: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.pools;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Collection: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Xdb.Collection.ShardMapManager;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_SolrCore: http://solr:8983/solr/${SOLR_CORE_PREFIX_NAME}_xdb;solrCloud=true + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_Sitecore:XConnect:CollectionSearch:Services:Solr.SolrReaderSettings:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:CollectionSearch:Services:XConnectSolrHealthCheckServicesConfiguration:Options:RequireHttps: 'false' + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + xdbautomation: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-xdbautomation:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + xdbcollection: + condition: service_started + xdbsearch: + condition: service_started + environment: + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_XConnect.Collection: http://xdbcollection + Sitecore_ConnectionStrings_XConnect.Search: http://xdbsearch + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + xdbautomationrpt: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-xdbautomationrpt:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + environment: + Sitecore_ConnectionStrings_Xdb.Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + cortexprocessing: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-cortexprocessing:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + environment: + Sitecore_ConnectionStrings_Processing.Engine.Storage: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Storage;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Processing.Engine.Tasks: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Tasks;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + cortexreporting: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-cortexreporting:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + environment: + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + xdbrefdata: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-xdbrefdata:${SITECORE_VERSION} + depends_on: + mssql-init: + condition: service_healthy + environment: + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1"] + timeout: 300s + xdbsearchworker: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-xdbsearchworker:${SITECORE_VERSION} + depends_on: + xdbsearch: + condition: service_healthy + restart: unless-stopped + environment: + Sitecore_ConnectionStrings_Collection: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Xdb.Collection.ShardMapManager;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_SolrCore: http://solr:8983/solr/${SOLR_CORE_PREFIX_NAME}_xdb;solrCloud=true + Sitecore_License: ${SITECORE_LICENSE} + Sitecore_Sitecore:XConnect:SearchIndexer:Services:Solr.SolrReaderSettings:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:SearchIndexer:Services:Solr.SolrWriterSettings:Options:RequireHttps: 'false' + Sitecore_Sitecore:XConnect:CollectionSearch:Services:XConnectSolrHealthCheckServicesConfiguration:Options:RequireHttps: 'false' + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1 -Port 8080"] + timeout: 300s + xdbautomationworker: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-xdbautomationworker:${SITECORE_VERSION} + depends_on: + xdbcollection: + condition: service_healthy + xdbsearch: + condition: service_healthy + restart: unless-stopped + environment: + Sitecore_ConnectionStrings_XConnect.Collection: http://xdbcollection + Sitecore_ConnectionStrings_XConnect.Search: http://xdbsearch + Sitecore_ConnectionStrings_Xdb.Marketingautomation: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Marketingautomation;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Xdb.Referencedata: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Referencedata;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Messaging: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Messaging;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1 -Port 8080"] + timeout: 300s + cortexprocessingworker: + isolation: ${ISOLATION} + image: ${SITECORE_DOCKER_REGISTRY}sitecore-xp1-cortexprocessingworker:${SITECORE_VERSION} + depends_on: + xdbcollection: + condition: service_healthy + xdbsearch: + condition: service_healthy + restart: unless-stopped + environment: + Sitecore_ConnectionStrings_Processing.Engine.Storage: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Storage;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_Processing.Engine.Tasks: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Processing.Engine.Tasks;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_ConnectionStrings_XConnect.Collection: http://xdbcollection + Sitecore_ConnectionStrings_XConnect.Configuration: http://xdbcollection + Sitecore_ConnectionStrings_XConnect.Search: http://xdbsearch + Sitecore_ConnectionStrings_Reporting: Data Source=${SQL_SERVER};Initial Catalog=${SQL_DATABASE_PREFIX}.Reporting;User ID=${SQL_SA_LOGIN};Password=${SQL_SA_PASSWORD} + Sitecore_License: ${SITECORE_LICENSE} + healthcheck: + test: ["CMD", "powershell", "-command", "C:/Healthchecks/Healthcheck.ps1 -Port 8080"] + timeout: 300s \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/mssql-data/readme.md b/compose/sxp/10.4/ltsc2019/xp1/mssql-data/readme.md new file mode 100644 index 00000000..d3edaed8 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/mssql-data/readme.md @@ -0,0 +1 @@ +database files will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/solr-data/readme.md b/compose/sxp/10.4/ltsc2019/xp1/solr-data/readme.md new file mode 100644 index 00000000..7a168695 --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/solr-data/readme.md @@ -0,0 +1 @@ +solr indexes will be mounted here \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/traefik/certs/readme b/compose/sxp/10.4/ltsc2019/xp1/traefik/certs/readme new file mode 100644 index 00000000..95e398fc --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/traefik/certs/readme @@ -0,0 +1,7 @@ +Add TLS certificates for xp1cd.localhost, xp1cm.localhost and xp1id.localhost hosts to this folder: + xp1cd.localhost.crt + xp1cd.localhost.key + xp1cm.localhost.crt + xp1cm.localhost.key + xp1id.localhost.crt + xp1id.localhost.key \ No newline at end of file diff --git a/compose/sxp/10.4/ltsc2019/xp1/traefik/config/dynamic/certs_config.yaml b/compose/sxp/10.4/ltsc2019/xp1/traefik/config/dynamic/certs_config.yaml new file mode 100644 index 00000000..725742ba --- /dev/null +++ b/compose/sxp/10.4/ltsc2019/xp1/traefik/config/dynamic/certs_config.yaml @@ -0,0 +1,8 @@ +tls: + certificates: + - certFile: C:\etc\traefik\certs\xp1cd.localhost.crt + keyFile: C:\etc\traefik\certs\xp1cd.localhost.key + - certFile: C:\etc\traefik\certs\xp1cm.localhost.crt + keyFile: C:\etc\traefik\certs\xp1cm.localhost.key + - certFile: C:\etc\traefik\certs\xp1id.localhost.crt + keyFile: C:\etc\traefik\certs\xp1id.localhost.key \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/database-upgrade-from-version.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/database-upgrade-from-version.txt new file mode 100644 index 00000000..6495db7e --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/database-upgrade-from-version.txt @@ -0,0 +1 @@ +10.3.0 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/database-upgrade-to-version.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/database-upgrade-to-version.txt new file mode 100644 index 00000000..7400abcd --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/database-upgrade-to-version.txt @@ -0,0 +1 @@ +10.4.0 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sitecore-license.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sitecore-license.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-database-prefix.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-database-prefix.txt new file mode 100644 index 00000000..84e851b6 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-database-prefix.txt @@ -0,0 +1 @@ +Sitecore \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-password.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-server.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-server.txt new file mode 100644 index 00000000..a5faf708 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-server.txt @@ -0,0 +1 @@ +mssql \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-user-name.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/configuration/sql-user-name.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/k8s-init-upgrade.ps1 b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/k8s-init-upgrade.ps1 new file mode 100644 index 00000000..a02b2d96 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/k8s-init-upgrade.ps1 @@ -0,0 +1,117 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp1")] + [string]$Topology = "xm1", + + [string] + [ValidateNotNullOrEmpty()] + $SecretsFolderPath = ".\configuration", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + [Parameter(Mandatory = $true)] + [string] + $SqlUserName, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [Parameter(Mandatory = $true)] + [string] + $SqlUserPassword, + + [boolean] + $IsAlwaysEncrypted = $false, + + [string] + $ProcessingEngineTasksDatabaseUserName = "dbo", + + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Populate-ContentSecrets { + param( + [string]$SecretsFolderPath, + [hashtable]$K8sSecretArray, + [string]$Topology + ) + + Write-Information -MessageData "Starting populating the secret .txt files to '$SecretsFolderPath' folder for k8s '$Topology' topology..." -InformationAction Continue + + $K8sSecretArray.keys | ForEach-Object { + $secretFilePath = Join-Path $SecretsFolderPath $_ + if (Test-Path $secretFilePath -PathType Leaf) { + Set-Content $secretFilePath -Value "$($K8sSecretArray[$_])" -Force -NoNewline + } + } + + Write-Information -MessageData "Finish populating the secret .txt files to '$SecretsFolderPath' folder for k8s '$Topology' topology." -InformationAction Continue +} + +function Invoke-K8sInitUpgrade { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $k8sSecretArray = @{ + "sitecore-license.txt" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "sql-password.txt" = $SqlUserPassword + "sql-user-name.txt" = $SqlUserName + "processing-engine-tasks-database-user-name.txt" = $ProcessingEngineTasksDatabaseUserName + "is-always-encrypted.txt" = $IsAlwaysEncrypted + } + + # Populate the .txt secret files + Populate-ContentSecrets -SecretsFolderPath $SecretsFolderPath -K8sSecretArray $k8sSecretArray -Topology $Topology +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "k8s-init-upgrade-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-K8sInitUpgrade *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/kustomization.yaml new file mode 100644 index 00000000..370dc424 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/kustomization.yaml @@ -0,0 +1,21 @@ +generatorOptions: + disableNameSuffixHash: true +configMapGenerator: +- name: mssql-upgrade-config + files: + - configuration/sql-server.txt + - configuration/sql-database-prefix.txt + - configuration/database-upgrade-from-version.txt + - configuration/database-upgrade-to-version.txt +secretGenerator: +- name: mssql-upgrade-secret + files: + - configuration/sql-user-name.txt + - configuration/sql-password.txt + - configuration/sitecore-license.txt +resources: +- mssql-upgrade.yaml +images: +- name: sitecore-xm1-mssql-upgrade + newName: scr.sitecore.com/sxp/sitecore-xm1-mssql-upgrade + newTag: 10.4-ltsc2019 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xm1/mssql-upgrade.yaml b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/mssql-upgrade.yaml new file mode 100644 index 00000000..a9eff564 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xm1/mssql-upgrade.yaml @@ -0,0 +1,60 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: mssql-upgrade +spec: + template: + spec: + nodeSelector: + kubernetes.io/os: windows + imagePullSecrets: + - name: sitecore-docker-registry + containers: + - name: mssql-upgrade + image: sitecore-xm1-mssql-upgrade + env: + - name: SQL_DATABASE_PREFIX + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: sql-database-prefix.txt + - name: SQL_SERVER + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: sql-server.txt + - name: SQL_USER_NAME + valueFrom: + secretKeyRef: + name: mssql-upgrade-secret + key: sql-user-name.txt + - name: SQL_PASSWORD + valueFrom: + secretKeyRef: + name: mssql-upgrade-secret + key: sql-password.txt + - name: DATABASE_UPGRADE_FROM_VERSION + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: database-upgrade-from-version.txt + - name: DATABASE_UPGRADE_TO_VERSION + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: database-upgrade-to-version.txt + - name: SITECORE_LICENSE + valueFrom: + secretKeyRef: + name: mssql-upgrade-secret + key: sitecore-license.txt + - name: Sitecore_ConnectionStrings_Core + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Core;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Master + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Master;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Web + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Web;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Experienceforms + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Experienceforms;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + restartPolicy: Never + backoffLimit: 5 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/database-upgrade-from-version.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/database-upgrade-from-version.txt new file mode 100644 index 00000000..6495db7e --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/database-upgrade-from-version.txt @@ -0,0 +1 @@ +10.3.0 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/database-upgrade-to-version.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/database-upgrade-to-version.txt new file mode 100644 index 00000000..7400abcd --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/database-upgrade-to-version.txt @@ -0,0 +1 @@ +10.4.0 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/is-always-encrypted.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/is-always-encrypted.txt new file mode 100644 index 00000000..02e4a84d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/is-always-encrypted.txt @@ -0,0 +1 @@ +false \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/processing-engine-tasks-database-user-name.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/processing-engine-tasks-database-user-name.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sitecore-license.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sitecore-license.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-database-prefix.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-database-prefix.txt new file mode 100644 index 00000000..84e851b6 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-database-prefix.txt @@ -0,0 +1 @@ +Sitecore \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-password.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-server.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-server.txt new file mode 100644 index 00000000..a5faf708 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-server.txt @@ -0,0 +1 @@ +mssql \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-user-name.txt b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/configuration/sql-user-name.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/k8s-init-upgrade.ps1 b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/k8s-init-upgrade.ps1 new file mode 100644 index 00000000..0be0ed14 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/k8s-init-upgrade.ps1 @@ -0,0 +1,117 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp1")] + [string]$Topology = "xp1", + + [string] + [ValidateNotNullOrEmpty()] + $SecretsFolderPath = ".\configuration", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + [Parameter(Mandatory = $true)] + [string] + $SqlUserName, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [Parameter(Mandatory = $true)] + [string] + $SqlUserPassword, + + [boolean] + $IsAlwaysEncrypted = $false, + + [string] + $ProcessingEngineTasksDatabaseUserName = "dbo", + + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Populate-ContentSecrets { + param( + [string]$SecretsFolderPath, + [hashtable]$K8sSecretArray, + [string]$Topology + ) + + Write-Information -MessageData "Starting populating the secret .txt files to '$SecretsFolderPath' folder for k8s '$Topology' topology..." -InformationAction Continue + + $K8sSecretArray.keys | ForEach-Object { + $secretFilePath = Join-Path $SecretsFolderPath $_ + if (Test-Path $secretFilePath -PathType Leaf) { + Set-Content $secretFilePath -Value "$($K8sSecretArray[$_])" -Force -NoNewline + } + } + + Write-Information -MessageData "Finish populating the secret .txt files to '$SecretsFolderPath' folder for k8s '$Topology' topology." -InformationAction Continue +} + +function Invoke-K8sInitUpgrade { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $k8sSecretArray = @{ + "sitecore-license.txt" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "sql-password.txt" = $SqlUserPassword + "sql-user-name.txt" = $SqlUserName + "processing-engine-tasks-database-user-name.txt" = $ProcessingEngineTasksDatabaseUserName + "is-always-encrypted.txt" = $IsAlwaysEncrypted + } + + # Populate the .txt secret files + Populate-ContentSecrets -SecretsFolderPath $SecretsFolderPath -K8sSecretArray $k8sSecretArray -Topology $Topology +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "k8s-init-upgrade-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-K8sInitUpgrade *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/kustomization.yaml new file mode 100644 index 00000000..6a0b29b0 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/kustomization.yaml @@ -0,0 +1,23 @@ +generatorOptions: + disableNameSuffixHash: true +configMapGenerator: +- name: mssql-upgrade-config + files: + - configuration/sql-server.txt + - configuration/sql-database-prefix.txt + - configuration/is-always-encrypted.txt + - configuration/processing-engine-tasks-database-user-name.txt + - configuration/database-upgrade-from-version.txt + - configuration/database-upgrade-to-version.txt +secretGenerator: +- name: mssql-upgrade-secret + files: + - configuration/sql-user-name.txt + - configuration/sql-password.txt + - configuration/sitecore-license.txt +resources: +- mssql-upgrade.yaml +images: +- name: sitecore-xp1-mssql-upgrade + newName: scr.sitecore.com/sxp/sitecore-xp1-mssql-upgrade + newTag: 10.4-ltsc2019 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/upgrade/xp1/mssql-upgrade.yaml b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/mssql-upgrade.yaml new file mode 100644 index 00000000..309affb3 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/upgrade/xp1/mssql-upgrade.yaml @@ -0,0 +1,85 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: mssql-upgrade +spec: + template: + spec: + nodeSelector: + kubernetes.io/os: windows + imagePullSecrets: + - name: sitecore-docker-registry + containers: + - name: mssql-upgrade + image: sitecore-xp1-mssql-upgrade + env: + - name: SQL_DATABASE_PREFIX + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: sql-database-prefix.txt + - name: SQL_SERVER + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: sql-server.txt + - name: IS_ALWAYS_ENCRYPTED + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: is-always-encrypted.txt + - name: PROCESSING_ENGINE_TASKS_DATABASE_USERNAME + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: processing-engine-tasks-database-user-name.txt + - name: SQL_USER_NAME + valueFrom: + secretKeyRef: + name: mssql-upgrade-secret + key: sql-user-name.txt + - name: SQL_PASSWORD + valueFrom: + secretKeyRef: + name: mssql-upgrade-secret + key: sql-password.txt + - name: DATABASE_UPGRADE_FROM_VERSION + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: database-upgrade-from-version.txt + - name: DATABASE_UPGRADE_TO_VERSION + valueFrom: + configMapKeyRef: + name: mssql-upgrade-config + key: database-upgrade-to-version.txt + - name: SITECORE_LICENSE + valueFrom: + secretKeyRef: + name: mssql-upgrade-secret + key: sitecore-license.txt + - name: Sitecore_ConnectionStrings_Core + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Core;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Master + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Master;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Web + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Web;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Experienceforms + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Experienceforms;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Processing_Engine_Tasks + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Processing.Engine.Tasks;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Messaging + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Messaging;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Reporting + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Reporting;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Xdb_Collection_Shard0 + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Xdb.Collection.Shard0;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Xdb_Collection_Shard1 + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Xdb.Collection.Shard1;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Marketingautomation + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Marketingautomation;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + - name: Sitecore_ConnectionStrings_Processing_Pools + value: Data Source=$(SQL_SERVER);Initial Catalog=$(SQL_DATABASE_PREFIX).Processing.Pools;User ID=$(SQL_USER_NAME);Password=$(SQL_PASSWORD); + restartPolicy: Never + backoffLimit: 5 + \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/cd.yaml b/k8s/sxp/10.4/ltsc2019/xm1/cd.yaml new file mode 100644 index 00000000..06a71955 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/cd.yaml @@ -0,0 +1,154 @@ +apiVersion: v1 +kind: Service +metadata: + name: cd +spec: + selector: + app: cd + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cd + labels: + app: cd +spec: + replicas: 1 + selector: + matchLabels: + app: cd + template: + metadata: + labels: + app: cd + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xm1-cd + image: sitecore-xm1-cd + ports: + - containerPort: 80 + env: + - name: Sitecore_InstanceName + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Web_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-username.txt + - name: Web_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-password.txt + - name: Forms_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-username.txt + - name: Forms_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: LOG_LEVEL_VALUE + valueFrom: + secretKeyRef: + name: sitecore-log-level + key: sitecore-log-level-value.txt + - name: Sitecore_ConnectionStrings_Security + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Web + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Web;User ID=$(Web_Database_Username);Password=$(Web_Database_Password); + - name: Sitecore_ConnectionStrings_ExperienceForms + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).ExperienceForms;User ID=$(Forms_Database_Username);Password=$(Forms_Database_Password); + - name: Sitecore_ConnectionStrings_Solr.Search + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-connection-string.txt + - name: Sitecore_ConnectionStrings_Redis.Sessions + value: redis:6379,ssl=False,abortConnect=False + - name: SOLR_CORE_PREFIX_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-core-prefix-name.txt + - name: MEDIA_REQUEST_PROTECTION_SHARED_SECRET + valueFrom: + secretKeyRef: + name: sitecore-protect-media-requests + key: sitecore-media-request-protection-shared-secret.txt + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: cd + - mountPath: C:\inetpub\wwwroot\App_Data\DeviceDetection + name: device-detection + resources: + requests: + memory: 2500Mi + cpu: 1000m + limits: + memory: 4Gi + cpu: 1500m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + - name: device-detection + persistentVolumeClaim: + claimName: device-detection + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/cm.yaml b/k8s/sxp/10.4/ltsc2019/xm1/cm.yaml new file mode 100644 index 00000000..d3b3ec0d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/cm.yaml @@ -0,0 +1,198 @@ +apiVersion: v1 +kind: Service +metadata: + name: cm +spec: + selector: + app: cm + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cm + labels: + app: cm +spec: + replicas: 1 + selector: + matchLabels: + app: cm + template: + metadata: + labels: + app: cm + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xm1-cm + image: sitecore-xm1-cm + ports: + - containerPort: 80 + env: + - name: Sitecore_InstanceName + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-username.txt + - name: Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-password.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Web_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-username.txt + - name: Web_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-password.txt + - name: Forms_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-username.txt + - name: Forms_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-password.txt + - name: Sitecore_ConnectionStrings_Sitecoreidentity.secret + valueFrom: + secretKeyRef: + name: sitecore-identity + key: sitecore-identitysecret.txt + - name: Sitecore_AppSettings_Telerik.AsyncUpload.ConfigurationEncryptionKey + valueFrom: + secretKeyRef: + name: sitecore-telerik + key: sitecore-telerikencryptionkey.txt + - name: Sitecore_AppSettings_Telerik.Upload.ConfigurationHashKey + valueFrom: + secretKeyRef: + name: sitecore-telerik + key: sitecore-telerikencryptionkey.txt + - name: Sitecore_AppSettings_Telerik.Web.UI.DialogParametersEncryptionKey + valueFrom: + secretKeyRef: + name: sitecore-telerik + key: sitecore-telerikencryptionkey.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: LOG_LEVEL_VALUE + valueFrom: + secretKeyRef: + name: sitecore-log-level + key: sitecore-log-level-value.txt + - name: Sitecore_ConnectionStrings_Core + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Security + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Master + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Master;User ID=$(Master_Database_Username);Password=$(Master_Database_Password); + - name: Sitecore_ConnectionStrings_Web + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Web;User ID=$(Web_Database_Username);Password=$(Web_Database_Password); + - name: Sitecore_ConnectionStrings_ExperienceForms + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).ExperienceForms;User ID=$(Forms_Database_Username);Password=$(Forms_Database_Password); + - name: Sitecore_ConnectionStrings_Solr.Search + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-connection-string.txt + - name: Sitecore_GraphQL_Enabled + value: "true" + - name: Sitecore_GraphQL_ExposePlayground + value: "false" + - name: Sitecore_GraphQL_UploadMediaOptions_EncryptionKey + valueFrom: + secretKeyRef: + name: sitecore-graphql + key: sitecore-graphql-uploadmedia_encryptionkey.txt + - name: Sitecore_Identity_Server_Authority + value: https://id-placeholder-hostname + - name: Sitecore_Identity_Server_CallbackAuthority + value: https://cm-placeholder-hostname + - name: Sitecore_Identity_Server_InternalAuthority + value: http://id + - name: Sitecore_Identity_Server_Require_Https + value: "false" + - name: SOLR_CORE_PREFIX_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-core-prefix-name.txt + - name: MEDIA_REQUEST_PROTECTION_SHARED_SECRET + valueFrom: + secretKeyRef: + name: sitecore-protect-media-requests + key: sitecore-media-request-protection-shared-secret.txt + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: cm + resources: + requests: + memory: 2500Mi + cpu: 1000m + limits: + memory: 4Gi + cpu: 1500m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/configmaps/cd-hostname b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/cd-hostname new file mode 100644 index 00000000..d6c7cb76 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/cd-hostname @@ -0,0 +1 @@ +cd.globalhost \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/configmaps/cm-hostname b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/cm-hostname new file mode 100644 index 00000000..3d05b3fe --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/cm-hostname @@ -0,0 +1 @@ +cm.globalhost \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/configmaps/id-hostname b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/id-hostname new file mode 100644 index 00000000..1e750d1a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/id-hostname @@ -0,0 +1 @@ +id.globalhost \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/configmaps/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/kustomization.yaml new file mode 100644 index 00000000..ea28225a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/configmaps/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +generatorOptions: + disableNameSuffixHash: true + +configMapGenerator: +- name: sitecore-hostnames + files: + - cd-hostname + - cm-hostname + - id-hostname \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/external/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xm1/external/kustomization.yaml new file mode 100644 index 00000000..cf1783cb --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/external/kustomization.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +images: +- name: mssql + newName: mcr.microsoft.com/mssql/server + newTag: 2022-CU10-ubuntu-22.04 +- name: redis + newName: redis + newTag: 4.0.14-alpine +- name: solr + newName: solr + newTag: 8.11.2 + +resources: + - mssql.yaml + - redis.yaml + - solr.yaml \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/external/mssql.yaml b/k8s/sxp/10.4/ltsc2019/xm1/external/mssql.yaml new file mode 100644 index 00000000..a7781007 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/external/mssql.yaml @@ -0,0 +1,60 @@ +apiVersion: v1 +kind: Service +metadata: + name: mssql +spec: + selector: + app: mssql + ports: + - protocol: TCP + port: 1433 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mssql + labels: + app: mssql +spec: + replicas: 1 + selector: + matchLabels: + app: mssql + template: + metadata: + labels: + app: mssql + spec: + nodeSelector: + kubernetes.io/os: linux + containers: + - name: mssql + image: mssql + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 101 + ports: + - containerPort: 1433 + env: + - name: SA_PASSWORD + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databasepassword.txt + - name: ACCEPT_EULA + value: "Y" + volumeMounts: + - mountPath: /var/opt/mssql + name: sql + resources: + requests: + memory: 2Gi + cpu: 200m + limits: + memory: 3Gi + cpu: 700m + volumes: + - name: sql + emptyDir: {} \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/external/redis.yaml b/k8s/sxp/10.4/ltsc2019/xm1/external/redis.yaml new file mode 100644 index 00000000..1bd7c8df --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/external/redis.yaml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis +spec: + selector: + app: redis + ports: + - protocol: TCP + port: 6379 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis + labels: + app: redis +spec: + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + volumes: + - emptyDir: {} + name: data + nodeSelector: + kubernetes.io/os: linux + containers: + - name: sitecore-redis + image: redis + ports: + - containerPort: 6379 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + resources: + requests: + memory: 100Mi + cpu: 100m + limits: + memory: 2500Mi + cpu: 500m + volumeMounts: + - mountPath: /data + name: data \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/external/solr.yaml b/k8s/sxp/10.4/ltsc2019/xm1/external/solr.yaml new file mode 100644 index 00000000..0e3f533f --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/external/solr.yaml @@ -0,0 +1,65 @@ +apiVersion: v1 +kind: Service +metadata: + name: solr +spec: + selector: + app: solr + ports: + - protocol: TCP + port: 8983 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: solr + labels: + app: solr +spec: + replicas: 1 + selector: + matchLabels: + app: solr + template: + metadata: + labels: + app: solr + spec: + nodeSelector: + kubernetes.io/os: linux + containers: + - name: solr + image: solr + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + ports: + - containerPort: 8983 + env: + - name: SOLR_MODE + value: solrcloud + startupProbe: + httpGet: + path: /solr/admin/info/system + port: 8983 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 30 + periodSeconds: 10 + failureThreshold: 10 + volumeMounts: + - mountPath: /tmp + name: tmp + resources: + requests: + memory: 2Gi + cpu: 500m + limits: + memory: 3Gi + cpu: 1500m + volumes: + - emptyDir: {} + name: tmp \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/id.yaml b/k8s/sxp/10.4/ltsc2019/xm1/id.yaml new file mode 100644 index 00000000..fa907eb3 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/id.yaml @@ -0,0 +1,120 @@ +apiVersion: v1 +kind: Service +metadata: + name: id +spec: + selector: + app: id + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: id + labels: + app: id +spec: + replicas: 1 + selector: + matchLabels: + app: id + template: + metadata: + labels: + app: id + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xm1-id + image: sitecore-xm1-id + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Sitecore_Sitecore__IdentityServer__Clients__PasswordClient__ClientSecrets__ClientSecret1 + valueFrom: + secretKeyRef: + name: sitecore-identity + key: sitecore-identitysecret.txt + - name: Sitecore_Sitecore__IdentityServer__CertificateRawData + valueFrom: + secretKeyRef: + name: sitecore-identitycertificate + key: sitecore-identitycertificate.txt + - name: Sitecore_Sitecore__IdentityServer__CertificateRawDataPassword + valueFrom: + secretKeyRef: + name: sitecore-identitycertificate + key: sitecore-identitycertificatepassword.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_Sitecore__IdentityServer__SitecoreMemberShipOptions__ConnectionString + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_Sitecore__IdentityServer__AccountOptions__PasswordRecoveryUrl + value: https://cm-placeholder-hostname/sitecore/login?rc=1 + - name: Sitecore_Sitecore__IdentityServer__Clients__DefaultClient__AllowedCorsOrigins__AllowedCorsOriginsGroup1 + value: https://cm-placeholder-hostname + - name: Sitecore_Sitecore__IdentityServer__PublicOrigin + value: https://id-placeholder-hostname + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\Identity\logs + name: logs + subPath: id + resources: + requests: + memory: 700Mi + cpu: 200m + limits: + memory: 1Gi + cpu: 300m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/configuration.yaml b/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/configuration.yaml new file mode 100644 index 00000000..369feaeb --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/configuration.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-ingress-ingress-nginx-controller +data: + use-forwarded-headers: "true" \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/ingress.yaml b/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/ingress.yaml new file mode 100644 index 00000000..3b939a42 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/ingress.yaml @@ -0,0 +1,55 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: sitecore-ingress + annotations: + nginx.ingress.kubernetes.io/proxy-buffer-size: "32k" + nginx.ingress.kubernetes.io/affinity: "cookie" + nginx.ingress.kubernetes.io/rewrite-target: / + nginx.ingress.kubernetes.io/proxy-connect-timeout: "600" + nginx.ingress.kubernetes.io/proxy-read-timeout: "600" + nginx.ingress.kubernetes.io/proxy-send-timeout: "600" + nginx.ingress.kubernetes.io/proxy-body-size: "512m" +spec: + ingressClassName: "nginx" + rules: + - host: cd-placeholder-hostname + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: cd + port: + number: 80 + - host: cm-placeholder-hostname + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: cm + port: + number: 80 + - host: id-placeholder-hostname + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: id + port: + number: 80 + tls: + - secretName: global-cd-tls + hosts: + - cd-placeholder-hostname + - secretName: global-cm-tls + hosts: + - cm-placeholder-hostname + - secretName: global-id-tls + hosts: + - id-placeholder-hostname \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/kustomization.yaml new file mode 100644 index 00000000..cf09a27d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/ingress-nginx/kustomization.yaml @@ -0,0 +1,69 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ../configmaps +- ingress.yaml +- configuration.yaml + +replacements: +- source: + fieldPath: data.cd-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.rules.[host=cd-placeholder-hostname].host + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.tls.[secretName=global-cd-tls].hosts.0 +- source: + fieldPath: data.cm-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.rules.[host=cm-placeholder-hostname].host + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.tls.[secretName=global-cm-tls].hosts.0 +- source: + fieldPath: data.id-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.rules.[host=id-placeholder-hostname].host + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.tls.[secretName=global-id-tls].hosts.0 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/init/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xm1/init/kustomization.yaml new file mode 100644 index 00000000..65bbe83b --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/init/kustomization.yaml @@ -0,0 +1,14 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +images: +- name: sitecore-xm1-mssql-init + newName: scr.sitecore.com/sxp/sitecore-xm1-mssql-init + newTag: 10.4-ltsc2019 +- name: sitecore-xm1-solr-init + newName: scr.sitecore.com/sxp/sitecore-xm1-solr-init + newTag: 10.4-ltsc2019 + +resources: + - mssql-init.yaml + - solr-init.yaml \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/init/mssql-init.yaml b/k8s/sxp/10.4/ltsc2019/xm1/init/mssql-init.yaml new file mode 100644 index 00000000..2b084a0e --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/init/mssql-init.yaml @@ -0,0 +1,92 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: mssql-init +spec: + template: + spec: + nodeSelector: + kubernetes.io/os: windows + imagePullSecrets: + - name: sitecore-docker-registry + containers: + - name: mssql-init + image: sitecore-xm1-mssql-init + env: + - name: sitecore_admin_password + valueFrom: + secretKeyRef: + name: sitecore-admin + key: sitecore-adminpassword.txt + - name: SQL_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databasepassword.txt + - name: SQL_ADMIN_LOGIN + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseusername.txt + - name: SQL_SERVER + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: SQL_ELASTIC_POOL_NAME + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-database-elastic-pool-name.txt + - name: Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-username.txt + - name: Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-password.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Web_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-username.txt + - name: Web_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-password.txt + - name: Forms_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-username.txt + - name: Forms_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-password.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sql_Custom_Database_Prefix_Update_From + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-custom-database-prefix-update-from.txt + restartPolicy: Never + backoffLimit: 5 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/init/solr-init.yaml b/k8s/sxp/10.4/ltsc2019/xm1/init/solr-init.yaml new file mode 100644 index 00000000..6e4f1700 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/init/solr-init.yaml @@ -0,0 +1,27 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: solr-init +spec: + template: + spec: + nodeSelector: + kubernetes.io/os: windows + imagePullSecrets: + - name: sitecore-docker-registry + containers: + - name: solr-init + image: sitecore-xm1-solr-init + env: + - name: SITECORE_SOLR_CONNECTION_STRING + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-connection-string.txt + - name: SOLR_CORE_PREFIX_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-core-prefix-name.txt + restartPolicy: Never + backoffLimit: 5 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/k8s-init.ps1 b/k8s/sxp/10.4/ltsc2019/xm1/k8s-init.ps1 new file mode 100644 index 00000000..a8084728 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/k8s-init.ps1 @@ -0,0 +1,372 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp1")] + [string]$Topology = "xm1", + + [string] + [ValidateNotNullOrEmpty()] + $SecretsFolderPath = ".\secrets", + + [string] + $CertDataFolder = ".\secrets\tls", + + [string] + $ConfigmapsDataFolder = ".\configmaps", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + [string] + $CdHost = "cd.globalhost", + + [string] + $CmHost = "cm.globalhost", + + [string] + $IdHost = "id.globalhost", + + [Parameter(Mandatory = $true)] + [string] + $ExternalIPAddress, + + [Parameter(Mandatory = $true)] + [string] + $SqlUserName, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [Parameter(Mandatory = $true)] + [string] + $SqlUserPassword, + + [string] + $SqlServer = "mssql", + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [Parameter(Mandatory = $true)] + [string] + $SitecoreAdminPassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlCoreDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlFormsDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlMasterDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlWebDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlCollectionShardmapmanagerDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlExmMasterDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlMarketingAutomationDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlMessagingDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingEngineStorageDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingEngineTasksDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingPoolsDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingTasksDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlReferenceDataDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlReportingDatabasePassword, + + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; +[boolean]$RootCertificateCreated = $false; + +$certDataFolderList = @{ + "$CertDataFolder\global-cd" = "$CdHost" + "$CertDataFolder\global-cm" = "$CmHost" + "$CertDataFolder\global-id" = "$IdHost" +} + +$configmapsHostnameList = @{ + "$ConfigmapsDataFolder\cd-hostname" = "$CdHost" + "$ConfigmapsDataFolder\cm-hostname" = "$CmHost" + "$ConfigmapsDataFolder\id-hostname" = "$IdHost" +} + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Populate-ContentSecrets { + param( + [string]$SecretsFolderPath, + [hashtable]$K8sSecretArray + ) + + Write-Information -MessageData "Starting populating the secret .txt files for '$SecretsFolderPath' folder..." -InformationAction Continue + + $K8sSecretArray.keys | ForEach-Object { + $secretFilePath = Join-Path $SecretsFolderPath $_ + if (Test-Path $secretFilePath -PathType Leaf) { + Set-Content $secretFilePath -Value "$($K8sSecretArray[$_])" -Force -NoNewline + } + } + + Write-Information -MessageData "Finish populating the secret .txt files for '$SecretsFolderPath' folder." -InformationAction Continue +} + +function Add-WindowsHostsFileEntries{ + param( + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost, + [string]$ExternalIPAddress + ) + + Write-Information -MessageData "Starting adding Windows hosts file entries for k8s '$Topology' topology..." -InformationAction Continue + + Add-HostsEntry -Hostname "$CdHost" -IPAddress $ExternalIPAddress + Add-HostsEntry -Hostname "$CmHost" -IPAddress $ExternalIPAddress + Add-HostsEntry -Hostname "$IdHost" -IPAddress $ExternalIPAddress + + Write-Information -MessageData "Finish adding Windows hosts file entries for k8s '$Topology' topology." -InformationAction Continue +} + +function Update-ConfigmapsFolder{ + param( + [hashtable]$ConfigmapsHostnameList, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + $ConfigmapsHostnameList.Keys | ForEach-Object { + $hostnameFile = $_ + $hostName = $ConfigmapsHostnameList[$_] + + if (!(Test-Path $hostnameFile)) { + Write-Warning -Message "The configmaps hostname '$hostnameFile' path isn't valid. Please, specify another path for hostnames configmaps." + return + } + + # Clear *-hostname file + Clear-Content -Path $hostnameFile + + # Setting new content to the *-hostname file + $hostName | Set-Content $hostnameFile -NoNewline + + Write-Information -MessageData "'$hostnameFile' file was successfully updated." -InformationAction Continue + } +} + +function Create-Certificates{ + param( + [string]$CertDataFolder, + [hashtable]$CertDataFolderList, + [string]$Topology + ) + + if (![string]::IsNullOrEmpty($CertDataFolder)) { + + Write-Information -MessageData "Starting create certificates for k8s '$Topology' topology..." -InformationAction Continue + + # Check that root certificate file already exist in the $CertDataFolder + $existingRootCertificateFile = Get-ChildItem "$CertDataFolder\global-authority\*" -Include *.crt + + if (-not $existingRootCertificateFile){ + + # Create Root Certificate file + $rootKey = Create-RSAKey -KeyLength 4096 + $rootCertificate = Create-SelfSignedCertificate -Key $rootKey -CommonName "Sitecore Kubernetes Development Self-Signed Authority" + Create-CertificateFile -Certificate $rootCertificate -OutCertPath "$CertDataFolder\global-authority\root.crt" + + # Create Certificate and Key files for each Sitecore role + $CertDataFolderList.Keys | ForEach-Object { + $certDataFolderName = $_ + $hostName = $CertDataFolderList[$_] + + if (!(Test-Path $certDataFolderName)) { + Write-Warning -Message "The certificate '$certDataFolderName' path isn't valid. Please, specify another path for certificates." + return + } + + $selfSignedKey = Create-RSAKey + $certificate = Create-SelfSignedCertificateWithSignature -Key $selfSignedKey -CommonName $hostName -DnsName $hostName -RootCertificate $rootCertificate + Create-KeyFile -Key $selfSignedKey -OutKeyPath "$certDataFolderName\tls.key" + Create-CertificateFile -Certificate $certificate -OutCertPath "$certDataFolderName\tls.crt" + } + + Write-Information -MessageData "Finish creating certificates for k8s '$Topology' topology." -InformationAction Continue + return $true + } + else { + Write-Information -MessageData "Certificate files already exist for k8s '$Topology' topology." -InformationAction Continue + return $false + } + + }else { + Write-Information -MessageData "The TLS certificate path is empty. '\upgrade\*' folder doen't contains TLS certificates for k8s '$Topology' topology." -InformationAction Continue + } +} + +function ApplyOrGenerate-DatabasePassword{ + param( + [string]$DatabasePassword + ) + + $password = $null + + if ([string]::IsNullOrEmpty($DatabasePassword)){ + $password = Get-SitecoreRandomString 12 -DisallowSpecial + $password = "Password0_" + $password + }else { + $password = $DatabasePassword + } + + return $password +} + +function Invoke-K8sInit { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $idCertPassword = Get-SitecoreRandomString 12 -DisallowSpecial + $k8sSecretArray = @{ + "sitecore-adminpassword.txt" = $SitecoreAdminPassword + "sitecore-identitycertificate.txt" = (Get-SitecoreCertificateAsBase64String -DnsName "localhost" -Password (ConvertTo-SecureString -String $idCertPassword -Force -AsPlainText) -KeyLength 2048) + "sitecore-identitysecret.txt" = Get-SitecoreRandomString 64 -DisallowSpecial + "sitecore-license.txt" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "sitecore-telerikencryptionkey.txt" = Get-SitecoreRandomString 128 -DisallowSpecial + "sitecore-reportingapikey.txt" = "00112233445566778899AABBCCDDEEFF" + "sitecore-identitycertificatepassword.txt" = $idCertPassword + "sitecore-databasepassword.txt" = $SqlUserPassword + "sitecore-databaseusername.txt" = $SqlUserName + "sitecore-databaseservername.txt" = $SqlServer + "sitecore-core-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlCoreDatabasePassword + "sitecore-forms-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlFormsDatabasePassword + "sitecore-master-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlMasterDatabasePassword + "sitecore-web-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlWebDatabasePassword + "sitecore-collection-shardmapmanager-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlCollectionShardmapmanagerDatabasePassword + "sitecore-exm-master-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlExmMasterDatabasePassword + "sitecore-marketing-automation-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlMarketingAutomationDatabasePassword + "sitecore-messaging-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlMessagingDatabasePassword + "sitecore-processing-engine-storage-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingEngineStorageDatabasePassword + "sitecore-processing-engine-tasks-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingEngineTasksDatabasePassword + "sitecore-processing-pools-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingPoolsDatabasePassword + "sitecore-processing-tasks-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingTasksDatabasePassword + "sitecore-reference-data-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlReferenceDataDatabasePassword + "sitecore-reporting-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlReportingDatabasePassword + "sitecore-media-request-protection-shared-secret.txt" = Get-SitecoreRandomString 64 -DisallowSpecial + "sitecore-graphql-uploadmedia_encryptionkey.txt" = Get-SitecoreRandomString 16 -DisallowSpecial + } + + # Populate the .txt secret files + Populate-ContentSecrets -SecretsFolderPath $SecretsFolderPath -K8sSecretArray $k8sSecretArray + + if (![string]::IsNullOrEmpty($CertDataFolder) -and (Test-Path $CertDataFolder)) { + + # Configure TLS/HTTPS certificates + $RootCertificateCreated = Create-Certificates -CertDataFolder $CertDataFolder -CertDataFolderList $certDataFolderList -Topology $Topology + + if ($RootCertificateCreated){ + # The update for the \configmaps\*-hostname files is if Certificates were created for the custom hostnames. + Update-ConfigmapsFolder -ConfigmapsHostnameList $configmapsHostnameList -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + + # Install root certificate if it was created + Import-Certificate -FilePath "$CertDataFolder\global-authority\root.crt" -CertStoreLocation "Cert:\LocalMachine\Root" + + # Add Windows hosts file entries + Add-WindowsHostsFileEntries -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost -ExternalIPAddress $ExternalIPAddress + } + } +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "k8s-init-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-K8sInit *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xm1/kustomization.yaml new file mode 100644 index 00000000..a5b795c4 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/kustomization.yaml @@ -0,0 +1,73 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +images: +- name: sitecore-xm1-cd + newName: scr.sitecore.com/sxp/sitecore-xm1-cd + newTag: 10.4-ltsc2019 +- name: sitecore-xm1-cm + newName: scr.sitecore.com/sxp/sitecore-xm1-cm + newTag: 10.4-ltsc2019 +- name: sitecore-xm1-id + newName: scr.sitecore.com/sxp/sitecore-id7 + newTag: 10.4-ltsc2019 + +resources: + - configmaps + - cm.yaml + - cd.yaml + - id.yaml + +replacements: +- source: + fieldPath: data.cm-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + kind: Deployment + name: cm + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xm1-cm].env.[name=Sitecore_Identity_Server_CallbackAuthority].value + options: + delimiter: '//' + index: 1 + - select: + kind: Deployment + name: id + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xm1-id].env.[name=Sitecore_Sitecore__IdentityServer__AccountOptions__PasswordRecoveryUrl].value + options: + delimiter: '/' + index: 2 + - select: + kind: Deployment + name: id + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xm1-id].env.[name=Sitecore_Sitecore__IdentityServer__Clients__DefaultClient__AllowedCorsOrigins__AllowedCorsOriginsGroup1].value + options: + delimiter: '//' + index: 1 +- source: + fieldPath: data.id-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + kind: Deployment + name: cm + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xm1-cm].env.[name=Sitecore_Identity_Server_Authority].value + options: + delimiter: '//' + index: 1 + - select: + kind: Deployment + name: id + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xm1-id].env.[name=Sitecore_Sitecore__IdentityServer__PublicOrigin].value + options: + delimiter: '//' + index: 1 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/kustomization.yaml new file mode 100644 index 00000000..1067f9d4 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/kustomization.yaml @@ -0,0 +1,22 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ..\..\..\init + +patchesStrategicMerge: + - solr-init.yaml + +images: +- name: sitecore-xm1-solr-init-searchstax + newName: scr.sitecore.com/sxp/sitecore-xm1-solr-init-searchstax + newTag: 10.4-ltsc2019 + +generatorOptions: + disableNameSuffixHash: true +secretGenerator: +- name: sitecore-solr-searchstax + files: + - sitecore-searchstax-apikey.txt + - sitecore-searchstax-account-name.txt + - sitecore-searchstax-deployment-uid.txt \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/sitecore-searchstax-account-name.txt b/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/sitecore-searchstax-account-name.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/sitecore-searchstax-apikey.txt b/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/sitecore-searchstax-apikey.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/sitecore-searchstax-deployment-uid.txt b/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/sitecore-searchstax-deployment-uid.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/solr-init.yaml b/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/solr-init.yaml new file mode 100644 index 00000000..cbfe0d32 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/overlays/init/SearchStax/solr-init.yaml @@ -0,0 +1,26 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: solr-init +spec: + template: + spec: + containers: + - name: solr-init + image: sitecore-xm1-solr-init-searchstax + env: + - name: SEARCH_STAX_APIKEY + valueFrom: + secretKeyRef: + name: sitecore-solr-searchstax + key: sitecore-searchstax-apikey.txt + - name: SEARCH_STAX_ACCOUNT_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr-searchstax + key: sitecore-searchstax-account-name.txt + - name: SEARCH_STAX_DEPLOYMENT_UID + valueFrom: + secretKeyRef: + name: sitecore-solr-searchstax + key: sitecore-searchstax-deployment-uid.txt \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xm1/secrets/kustomization.yaml new file mode 100644 index 00000000..99747337 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/kustomization.yaml @@ -0,0 +1,63 @@ +generatorOptions: + disableNameSuffixHash: true +secretGenerator: +- name: sitecore-admin + files: + - sitecore-adminpassword.txt +- name: sitecore-database + files: + - sitecore-databaseusername.txt + - sitecore-databasepassword.txt + - sitecore-databaseservername.txt + - sitecore-database-elastic-pool-name.txt + - sitecore-master-database-username.txt + - sitecore-master-database-password.txt + - sitecore-core-database-username.txt + - sitecore-core-database-password.txt + - sitecore-web-database-username.txt + - sitecore-web-database-password.txt + - sitecore-forms-database-username.txt + - sitecore-forms-database-password.txt + - sitecore-databaseprefix.txt + - sitecore-custom-database-prefix-update-from.txt +- name: sitecore-identitycertificate + files: + - sitecore-identitycertificate.txt + - sitecore-identitycertificatepassword.txt +- name: sitecore-license + files: + - sitecore-license.txt +- name: sitecore-graphql + files: + - sitecore-graphql-uploadmedia_encryptionkey.txt +- name: sitecore-identity + files: + - sitecore-identitysecret.txt +- name: sitecore-telerik + files: + - sitecore-telerikencryptionkey.txt +- name: sitecore-solr + files: + - sitecore-solr-connection-string.txt + - sitecore-solr-core-prefix-name.txt +- name: sitecore-protect-media-requests + files: + - sitecore-media-request-protection-shared-secret.txt +- name: sitecore-log-level + files: + - sitecore-log-level-value.txt +- name: global-cd-tls + files: + - tls/global-cd/tls.key + - tls/global-cd/tls.crt + type: kubernetes.io/tls +- name: global-cm-tls + files: + - tls/global-cm/tls.key + - tls/global-cm/tls.crt + type: kubernetes.io/tls +- name: global-id-tls + files: + - tls/global-id/tls.key + - tls/global-id/tls.crt + type: kubernetes.io/tls \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-adminpassword.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-adminpassword.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-core-database-password.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-core-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-core-database-username.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-core-database-username.txt new file mode 100644 index 00000000..1a01ffc1 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-core-database-username.txt @@ -0,0 +1 @@ +coreuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-custom-database-prefix-update-from.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-custom-database-prefix-update-from.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-database-elastic-pool-name.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-database-elastic-pool-name.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databasepassword.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databasepassword.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseprefix.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseprefix.txt new file mode 100644 index 00000000..84e851b6 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseprefix.txt @@ -0,0 +1 @@ +Sitecore \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseservername.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseservername.txt new file mode 100644 index 00000000..a5faf708 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseservername.txt @@ -0,0 +1 @@ +mssql \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseusername.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseusername.txt new file mode 100644 index 00000000..0107e44b --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-databaseusername.txt @@ -0,0 +1 @@ +sa \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-forms-database-password.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-forms-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-forms-database-username.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-forms-database-username.txt new file mode 100644 index 00000000..2af61966 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-forms-database-username.txt @@ -0,0 +1 @@ +formsuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-graphql-uploadmedia_encryptionkey.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-graphql-uploadmedia_encryptionkey.txt new file mode 100644 index 00000000..a7ce33d9 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-graphql-uploadmedia_encryptionkey.txt @@ -0,0 +1 @@ +432A462D4A614E64 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-identitycertificate.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-identitycertificate.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-identitycertificatepassword.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-identitycertificatepassword.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-identitysecret.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-identitysecret.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-license.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-license.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-log-level-value.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-log-level-value.txt new file mode 100644 index 00000000..6a34d78a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-log-level-value.txt @@ -0,0 +1 @@ +INFO \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-master-database-password.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-master-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-master-database-username.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-master-database-username.txt new file mode 100644 index 00000000..92db7144 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-master-database-username.txt @@ -0,0 +1 @@ +masteruser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-media-request-protection-shared-secret.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-media-request-protection-shared-secret.txt new file mode 100644 index 00000000..04d929b5 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-media-request-protection-shared-secret.txt @@ -0,0 +1 @@ +HQ(NjM(u6_5koVla-cTf4ta8x1h6Sb+ZcUQrULUz-0Afpx0cx-NuMtIoQkpDFmX5 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-solr-connection-string.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-solr-connection-string.txt new file mode 100644 index 00000000..223d335a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-solr-connection-string.txt @@ -0,0 +1 @@ +http://solr:8983/solr;solrCloud=true \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-solr-core-prefix-name.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-solr-core-prefix-name.txt new file mode 100644 index 00000000..3220fb37 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-solr-core-prefix-name.txt @@ -0,0 +1 @@ +sitecore \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-telerikencryptionkey.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-telerikencryptionkey.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-web-database-password.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-web-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-web-database-username.txt b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-web-database-username.txt new file mode 100644 index 00000000..134ed9db --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/sitecore-web-database-username.txt @@ -0,0 +1 @@ +webuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-authority/readme b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-authority/readme new file mode 100644 index 00000000..e6e8c9db --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-authority/readme @@ -0,0 +1,2 @@ +Add generated root certificate authority to this folder: + root.crt \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-cd/readme b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-cd/readme new file mode 100644 index 00000000..e9d69a7d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-cd/readme @@ -0,0 +1,3 @@ +Add TLS certificate for cd.globalhost host to this folder: + tls.crt + tls.key \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-cm/readme b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-cm/readme new file mode 100644 index 00000000..4ff9e350 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-cm/readme @@ -0,0 +1,3 @@ +Add TLS certificate for cm.globalhost host to this folder: + tls.crt + tls.key \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-id/readme b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-id/readme new file mode 100644 index 00000000..9e46877e --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/secrets/tls/global-id/readme @@ -0,0 +1,3 @@ +Add TLS certificate for id.globalhost host to this folder: + tls.crt + tls.key \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/volumes/azurefile/device-detection.yaml b/k8s/sxp/10.4/ltsc2019/xm1/volumes/azurefile/device-detection.yaml new file mode 100644 index 00000000..eade3f82 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/volumes/azurefile/device-detection.yaml @@ -0,0 +1,20 @@ +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: device-detection +provisioner: file.csi.azure.com +parameters: + skuName: Standard_LRS +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: device-detection +spec: + accessModes: + - ReadWriteMany + storageClassName: device-detection + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/volumes/azurefile/logs.yaml b/k8s/sxp/10.4/ltsc2019/xm1/volumes/azurefile/logs.yaml new file mode 100644 index 00000000..290c5e6d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/volumes/azurefile/logs.yaml @@ -0,0 +1,20 @@ +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: logs +provisioner: file.csi.azure.com +parameters: + skuName: Standard_LRS +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: logs +spec: + accessModes: + - ReadWriteMany + storageClassName: logs + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/volumes/hostpath/device-detection.yaml b/k8s/sxp/10.4/ltsc2019/xm1/volumes/hostpath/device-detection.yaml new file mode 100644 index 00000000..cd894bcf --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/volumes/hostpath/device-detection.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: device-detection +spec: + storageClassName: "" + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + hostPath: + path: "/sitecore/device-detection" + type: DirectoryOrCreate +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: device-detection +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: "" \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xm1/volumes/hostpath/logs.yaml b/k8s/sxp/10.4/ltsc2019/xm1/volumes/hostpath/logs.yaml new file mode 100644 index 00000000..ab4a1098 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xm1/volumes/hostpath/logs.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: logs +spec: + storageClassName: "" + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + hostPath: + path: "/sitecore/logs" + type: DirectoryOrCreate +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: logs +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: "" \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/cd.yaml b/k8s/sxp/10.4/ltsc2019/xp1/cd.yaml new file mode 100644 index 00000000..0eb51f1c --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/cd.yaml @@ -0,0 +1,206 @@ +apiVersion: v1 +kind: Service +metadata: + name: cd +spec: + selector: + app: cd + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cd + labels: + app: cd +spec: + replicas: 1 + selector: + matchLabels: + app: cd + template: + metadata: + labels: + app: cd + spec: + nodeSelector: + kubernetes.io/os: windows + initContainers: + - name: wait-xdbcollection + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbcollection/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbautomation + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbautomation/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbautomationrpt + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbautomationrpt/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbrefdata + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbrefdata/healthz/ready).StatusCode -eq 200} catch { $false }));"] + containers: + - name: sitecore-xp1-cd + image: sitecore-xp1-cd + ports: + - containerPort: 80 + env: + - name: Sitecore_InstanceName + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Web_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-username.txt + - name: Web_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-password.txt + - name: Forms_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-username.txt + - name: Forms_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-password.txt + - name: Exm_Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-exm-master-database-username.txt + - name: Exm_Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-exm-master-database-password.txt + - name: Messaging_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-username.txt + - name: Messaging_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: LOG_LEVEL_VALUE + valueFrom: + secretKeyRef: + name: sitecore-log-level + key: sitecore-log-level-value.txt + - name: Sitecore_ConnectionStrings_Security + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Web + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Web;User ID=$(Web_Database_Username);Password=$(Web_Database_Password); + - name: Sitecore_ConnectionStrings_Messaging + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Messaging;User ID=$(Messaging_Database_Username);Password=$(Messaging_Database_Password); + - name: Sitecore_ConnectionStrings_ExperienceForms + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).ExperienceForms;User ID=$(Forms_Database_Username);Password=$(Forms_Database_Password); + - name: Sitecore_ConnectionStrings_Exm.Master + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Exm.master;User ID=$(Exm_Master_Database_Username);Password=$(Exm_Master_Database_Password); + - name: Sitecore_ConnectionStrings_Solr.Search + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-connection-string.txt + - name: Sitecore_ConnectionStrings_XConnect.Collection + value: http://xdbcollection + - name: Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Operations.Client + value: http://xdbautomation + - name: Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Reporting.Client + value: http://xdbautomationrpt + - name: Sitecore_ConnectionStrings_Xdb.ReferenceData.Client + value: http://xdbrefdata + - name: Sitecore_ConnectionStrings_Redis.Sessions + value: redis:6379,ssl=False,abortConnect=False + - name: Sitecore_Analytics_Forwarded_Request_Http_Header + value: X-Forwarded-For + - name: SOLR_CORE_PREFIX_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-core-prefix-name.txt + - name: MEDIA_REQUEST_PROTECTION_SHARED_SECRET + valueFrom: + secretKeyRef: + name: sitecore-protect-media-requests + key: sitecore-media-request-protection-shared-secret.txt + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\Submit Queue + name: submit-queue + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: cd + - mountPath: C:\inetpub\wwwroot\App_Data\DeviceDetection + name: device-detection + resources: + requests: + memory: 1Gi + cpu: 1000m + limits: + memory: 3Gi + cpu: 2000m + volumes: + - name: submit-queue + persistentVolumeClaim: + claimName: submit-queue + - name: logs + persistentVolumeClaim: + claimName: logs + - name: device-detection + persistentVolumeClaim: + claimName: device-detection + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/cm.yaml b/k8s/sxp/10.4/ltsc2019/xp1/cm.yaml new file mode 100644 index 00000000..12fb3fd6 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/cm.yaml @@ -0,0 +1,291 @@ +apiVersion: v1 +kind: Service +metadata: + name: cm +spec: + selector: + app: cm + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cm + labels: + app: cm +spec: + replicas: 1 + selector: + matchLabels: + app: cm + template: + metadata: + labels: + app: cm + spec: + nodeSelector: + kubernetes.io/os: windows + initContainers: + - name: wait-xdbcollection + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbcollection/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbsearch + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbsearch/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-cortexreporting + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://cortexreporting/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-cortexprocessing + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://cortexprocessing/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbautomation + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbautomation/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbautomationrpt + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbautomationrpt/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbrefdata + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbrefdata/healthz/ready).StatusCode -eq 200} catch { $false }));"] + containers: + - name: sitecore-xp1-cm + image: sitecore-xp1-cm + ports: + - containerPort: 80 + env: + - name: Sitecore_InstanceName + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-username.txt + - name: Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-password.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Web_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-username.txt + - name: Web_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-password.txt + - name: Forms_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-username.txt + - name: Forms_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-password.txt + - name: Exm_Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-exm-master-database-username.txt + - name: Exm_Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-exm-master-database-password.txt + - name: Messaging_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-username.txt + - name: Messaging_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-password.txt + - name: Reporting_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-username.txt + - name: Reporting_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Sitecore_ConnectionStrings_Sitecoreidentity.secret + valueFrom: + secretKeyRef: + name: sitecore-identity + key: sitecore-identitysecret.txt + - name: Sitecore_AppSettings_Telerik.AsyncUpload.ConfigurationEncryptionKey + valueFrom: + secretKeyRef: + name: sitecore-telerik + key: sitecore-telerikencryptionkey.txt + - name: Sitecore_AppSettings_Telerik.Upload.ConfigurationHashKey + valueFrom: + secretKeyRef: + name: sitecore-telerik + key: sitecore-telerikencryptionkey.txt + - name: Sitecore_AppSettings_Telerik.Web.UI.DialogParametersEncryptionKey + valueFrom: + secretKeyRef: + name: sitecore-telerik + key: sitecore-telerikencryptionkey.txt + - name: Sitecore_ConnectionStrings_Reporting.ApiKey + valueFrom: + secretKeyRef: + name: sitecore-reporting + key: sitecore-reportingapikey.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: LOG_LEVEL_VALUE + valueFrom: + secretKeyRef: + name: sitecore-log-level + key: sitecore-log-level-value.txt + - name: Sitecore_ConnectionStrings_Core + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Security + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Master + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Master;User ID=$(Master_Database_Username);Password=$(Master_Database_Password); + - name: Sitecore_ConnectionStrings_Web + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Web;User ID=$(Web_Database_Username);Password=$(Web_Database_Password); + - name: Sitecore_ConnectionStrings_Messaging + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Messaging;User ID=$(Messaging_Database_Username);Password=$(Messaging_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + - name: Sitecore_ConnectionStrings_ExperienceForms + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).ExperienceForms;User ID=$(Forms_Database_Username);Password=$(Forms_Database_Password); + - name: Sitecore_ConnectionStrings_Exm.Master + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Exm.master;User ID=$(Exm_Master_Database_Username);Password=$(Exm_Master_Database_Password); + - name: Sitecore_ConnectionStrings_Reporting + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Reporting;User ID=$(Reporting_Database_Username);Password=$(Reporting_Database_Password); + - name: Sitecore_ConnectionStrings_Sitecore.Reporting.Client + value: http://cortexreporting + - name: Sitecore_ConnectionStrings_Cortex.Processing.Engine + value: http://cortexprocessing + - name: Sitecore_ConnectionStrings_Solr.Search + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-connection-string.txt + - name: Sitecore_ConnectionStrings_XConnect.Collection + value: http://xdbcollection + - name: Sitecore_ConnectionStrings_XConnect.Search + value: http://xdbsearch + - name: Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Operations.Client + value: http://xdbautomation + - name: Sitecore_ConnectionStrings_Xdb.MarketingAutomation.Reporting.Client + value: http://xdbautomationrpt + - name: Sitecore_ConnectionStrings_Xdb.ReferenceData.Client + value: http://xdbrefdata + - name: Sitecore_Processing_Service_Url + value: http://prc + - name: Sitecore_Processing_Service_Require_Https + value: 'false' + - name: Sitecore_GraphQL_Enabled + value: "true" + - name: Sitecore_GraphQL_ExposePlayground + value: "false" + - name: Sitecore_GraphQL_UploadMediaOptions_EncryptionKey + valueFrom: + secretKeyRef: + name: sitecore-graphql + key: sitecore-graphql-uploadmedia_encryptionkey.txt + - name: Sitecore_Identity_Server_Authority + value: https://id-placeholder-hostname + - name: Sitecore_Identity_Server_CallbackAuthority + value: https://cm-placeholder-hostname + - name: Sitecore_Identity_Server_InternalAuthority + value: http://id + - name: Sitecore_Identity_Server_Require_Https + value: "false" + - name: SOLR_CORE_PREFIX_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-core-prefix-name.txt + - name: MEDIA_REQUEST_PROTECTION_SHARED_SECRET + valueFrom: + secretKeyRef: + name: sitecore-protect-media-requests + key: sitecore-media-request-protection-shared-secret.txt + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: cm + resources: + requests: + memory: 800Mi + cpu: 1000m + limits: + memory: 3Gi + cpu: 2000m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/configmaps/cd-hostname b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/cd-hostname new file mode 100644 index 00000000..d6c7cb76 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/cd-hostname @@ -0,0 +1 @@ +cd.globalhost \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/configmaps/cm-hostname b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/cm-hostname new file mode 100644 index 00000000..3d05b3fe --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/cm-hostname @@ -0,0 +1 @@ +cm.globalhost \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/configmaps/id-hostname b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/id-hostname new file mode 100644 index 00000000..1e750d1a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/id-hostname @@ -0,0 +1 @@ +id.globalhost \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/configmaps/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/kustomization.yaml new file mode 100644 index 00000000..ea28225a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/configmaps/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +generatorOptions: + disableNameSuffixHash: true + +configMapGenerator: +- name: sitecore-hostnames + files: + - cd-hostname + - cm-hostname + - id-hostname \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/cortexprocessing.yaml b/k8s/sxp/10.4/ltsc2019/xp1/cortexprocessing.yaml new file mode 100644 index 00000000..a68bc3ba --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/cortexprocessing.yaml @@ -0,0 +1,111 @@ +apiVersion: v1 +kind: Service +metadata: + name: cortexprocessing +spec: + selector: + app: cortexprocessing + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cortexprocessing + labels: + app: cortexprocessing +spec: + replicas: 1 + selector: + matchLabels: + app: cortexprocessing + template: + metadata: + labels: + app: cortexprocessing + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-cortexprocessing + image: sitecore-xp1-cortexprocessing + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Processing_Engine_Tasks_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-tasks-database-username.txt + - name: Processing_Engine_Tasks_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-tasks-database-password.txt + - name: Processing_Engine_Storage_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-storage-database-username.txt + - name: Processing_Engine_Storage_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-storage-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Processing.Engine.Storage + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.Engine.Storage;User ID=$(Processing_Engine_Storage_Database_Username);Password=$(Processing_Engine_Storage_Database_Password); + - name: Sitecore_ConnectionStrings_Processing.Engine.Tasks + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.Engine.Tasks;User ID=$(Processing_Engine_Tasks_Database_Username);Password=$(Processing_Engine_Tasks_Database_Password); + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: cortexprocessing + resources: + requests: + memory: 500Mi + cpu: 100m + limits: + memory: 1Gi + cpu: 300m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/cortexprocessingworker.yaml b/k8s/sxp/10.4/ltsc2019/xp1/cortexprocessingworker.yaml new file mode 100644 index 00000000..2292ae00 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/cortexprocessingworker.yaml @@ -0,0 +1,130 @@ +apiVersion: v1 +kind: Service +metadata: + name: cortexprocessingworker +spec: + selector: + app: cortexprocessingworker + ports: + - protocol: TCP + port: 8080 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cortexprocessingworker + labels: + app: cortexprocessingworker +spec: + replicas: 1 + selector: + matchLabels: + app: cortexprocessingworker + template: + metadata: + labels: + app: cortexprocessingworker + spec: + nodeSelector: + kubernetes.io/os: windows + initContainers: + - name: wait-xdbcollection + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbcollection/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbsearch + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbsearch/healthz/ready).StatusCode -eq 200} catch { $false }));"] + containers: + - name: sitecore-xp1-cortexprocessingworker + image: sitecore-xp1-cortexprocessingworker + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Processing_Engine_Tasks_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-tasks-database-username.txt + - name: Processing_Engine_Tasks_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-tasks-database-password.txt + - name: Processing_Engine_Storage_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-storage-database-username.txt + - name: Processing_Engine_Storage_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-storage-database-password.txt + - name: Reporting_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-username.txt + - name: Reporting_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Processing.Engine.Storage + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.Engine.Storage;User ID=$(Processing_Engine_Storage_Database_Username);Password=$(Processing_Engine_Storage_Database_Password); + - name: Sitecore_ConnectionStrings_Processing.Engine.Tasks + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.Engine.Tasks;User ID=$(Processing_Engine_Tasks_Database_Username);Password=$(Processing_Engine_Tasks_Database_Password); + - name: Sitecore_ConnectionStrings_Xconnect.Collection + value: http://xdbcollection + - name: Sitecore_ConnectionStrings_Xconnect.Configuration + value: http://xdbcollection + - name: Sitecore_ConnectionStrings_XConnect.Search + value: http://xdbsearch + - name: Sitecore_ConnectionStrings_Reporting + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Reporting;User ID=$(Reporting_Database_Username);Password=$(Reporting_Database_Password); + livenessProbe: + exec: + command: + - curl + - http://localhost:8080/healthz/live + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + exec: + command: + - curl + - http://localhost:8080/healthz/ready + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\service\App_Data\Logs + name: logs + subPath: cortexprocessingworker + resources: + requests: + memory: 200Mi + cpu: 100m + limits: + memory: 1Gi + cpu: 300m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/cortexreporting.yaml b/k8s/sxp/10.4/ltsc2019/xp1/cortexreporting.yaml new file mode 100644 index 00000000..83de04d6 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/cortexreporting.yaml @@ -0,0 +1,99 @@ +apiVersion: v1 +kind: Service +metadata: + name: cortexreporting +spec: + selector: + app: cortexreporting + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cortexreporting + labels: + app: cortexreporting +spec: + replicas: 1 + selector: + matchLabels: + app: cortexreporting + template: + metadata: + labels: + app: cortexreporting + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-cortexreporting + image: sitecore-xp1-cortexreporting + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Reporting_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-username.txt + - name: Reporting_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Reporting + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Reporting;User ID=$(Reporting_Database_Username);Password=$(Reporting_Database_Password); + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: cortexreporting + resources: + requests: + memory: 500Mi + cpu: 100m + limits: + memory: 1Gi + cpu: 300m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/external/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xp1/external/kustomization.yaml new file mode 100644 index 00000000..cf1783cb --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/external/kustomization.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +images: +- name: mssql + newName: mcr.microsoft.com/mssql/server + newTag: 2022-CU10-ubuntu-22.04 +- name: redis + newName: redis + newTag: 4.0.14-alpine +- name: solr + newName: solr + newTag: 8.11.2 + +resources: + - mssql.yaml + - redis.yaml + - solr.yaml \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/external/mssql.yaml b/k8s/sxp/10.4/ltsc2019/xp1/external/mssql.yaml new file mode 100644 index 00000000..a7781007 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/external/mssql.yaml @@ -0,0 +1,60 @@ +apiVersion: v1 +kind: Service +metadata: + name: mssql +spec: + selector: + app: mssql + ports: + - protocol: TCP + port: 1433 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mssql + labels: + app: mssql +spec: + replicas: 1 + selector: + matchLabels: + app: mssql + template: + metadata: + labels: + app: mssql + spec: + nodeSelector: + kubernetes.io/os: linux + containers: + - name: mssql + image: mssql + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 101 + ports: + - containerPort: 1433 + env: + - name: SA_PASSWORD + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databasepassword.txt + - name: ACCEPT_EULA + value: "Y" + volumeMounts: + - mountPath: /var/opt/mssql + name: sql + resources: + requests: + memory: 2Gi + cpu: 200m + limits: + memory: 3Gi + cpu: 700m + volumes: + - name: sql + emptyDir: {} \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/external/redis.yaml b/k8s/sxp/10.4/ltsc2019/xp1/external/redis.yaml new file mode 100644 index 00000000..3cff892d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/external/redis.yaml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis +spec: + selector: + app: redis + ports: + - protocol: TCP + port: 6379 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis + labels: + app: redis +spec: + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + volumes: + - emptyDir: {} + name: data + nodeSelector: + kubernetes.io/os: linux + containers: + - name: sitecore-redis + image: redis + ports: + - containerPort: 6379 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + volumeMounts: + - mountPath: /data + name: data + resources: + requests: + memory: 100Mi + cpu: 100m + limits: + memory: 2500Mi + cpu: 500m \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/external/solr.yaml b/k8s/sxp/10.4/ltsc2019/xp1/external/solr.yaml new file mode 100644 index 00000000..a62ad43d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/external/solr.yaml @@ -0,0 +1,65 @@ +apiVersion: v1 +kind: Service +metadata: + name: solr +spec: + selector: + app: solr + ports: + - protocol: TCP + port: 8983 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: solr + labels: + app: solr +spec: + replicas: 1 + selector: + matchLabels: + app: solr + template: + metadata: + labels: + app: solr + spec: + nodeSelector: + kubernetes.io/os: linux + containers: + - name: solr + image: solr + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + ports: + - containerPort: 8983 + env: + - name: SOLR_MODE + value: solrcloud + startupProbe: + httpGet: + path: /solr/admin/info/system + port: 8983 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 30 + periodSeconds: 10 + failureThreshold: 10 + volumeMounts: + - mountPath: /tmp + name: tmp + resources: + requests: + memory: 2Gi + cpu: 500m + limits: + memory: 3Gi + cpu: 1500m + volumes: + - emptyDir: {} + name: tmp \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/id.yaml b/k8s/sxp/10.4/ltsc2019/xp1/id.yaml new file mode 100644 index 00000000..8d5b4731 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/id.yaml @@ -0,0 +1,120 @@ +apiVersion: v1 +kind: Service +metadata: + name: id +spec: + selector: + app: id + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: id + labels: + app: id +spec: + replicas: 1 + selector: + matchLabels: + app: id + template: + metadata: + labels: + app: id + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-id + image: sitecore-xp1-id + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Sitecore_Sitecore__IdentityServer__Clients__PasswordClient__ClientSecrets__ClientSecret1 + valueFrom: + secretKeyRef: + name: sitecore-identity + key: sitecore-identitysecret.txt + - name: Sitecore_Sitecore__IdentityServer__CertificateRawData + valueFrom: + secretKeyRef: + name: sitecore-identitycertificate + key: sitecore-identitycertificate.txt + - name: Sitecore_Sitecore__IdentityServer__CertificateRawDataPassword + valueFrom: + secretKeyRef: + name: sitecore-identitycertificate + key: sitecore-identitycertificatepassword.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_Sitecore__IdentityServer__SitecoreMemberShipOptions__ConnectionString + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_Sitecore__IdentityServer__AccountOptions__PasswordRecoveryUrl + value: https://cm-placeholder-hostname/sitecore/login?rc=1 + - name: Sitecore_Sitecore__IdentityServer__Clients__DefaultClient__AllowedCorsOrigins__AllowedCorsOriginsGroup1 + value: https://cm-placeholder-hostname + - name: Sitecore_Sitecore__IdentityServer__PublicOrigin + value: https://id-placeholder-hostname + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\Identity\logs + name: logs + subPath: id + resources: + requests: + memory: 400Mi + cpu: 50m + limits: + memory: 1Gi + cpu: 200m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/configuration.yaml b/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/configuration.yaml new file mode 100644 index 00000000..369feaeb --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/configuration.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-ingress-ingress-nginx-controller +data: + use-forwarded-headers: "true" \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/ingress.yaml b/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/ingress.yaml new file mode 100644 index 00000000..3b939a42 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/ingress.yaml @@ -0,0 +1,55 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: sitecore-ingress + annotations: + nginx.ingress.kubernetes.io/proxy-buffer-size: "32k" + nginx.ingress.kubernetes.io/affinity: "cookie" + nginx.ingress.kubernetes.io/rewrite-target: / + nginx.ingress.kubernetes.io/proxy-connect-timeout: "600" + nginx.ingress.kubernetes.io/proxy-read-timeout: "600" + nginx.ingress.kubernetes.io/proxy-send-timeout: "600" + nginx.ingress.kubernetes.io/proxy-body-size: "512m" +spec: + ingressClassName: "nginx" + rules: + - host: cd-placeholder-hostname + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: cd + port: + number: 80 + - host: cm-placeholder-hostname + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: cm + port: + number: 80 + - host: id-placeholder-hostname + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: id + port: + number: 80 + tls: + - secretName: global-cd-tls + hosts: + - cd-placeholder-hostname + - secretName: global-cm-tls + hosts: + - cm-placeholder-hostname + - secretName: global-id-tls + hosts: + - id-placeholder-hostname \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/kustomization.yaml new file mode 100644 index 00000000..9f7e12f5 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/ingress-nginx/kustomization.yaml @@ -0,0 +1,69 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../configmaps + - ingress.yaml + - configuration.yaml + +replacements: +- source: + fieldPath: data.cd-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.rules.[host=cd-placeholder-hostname].host + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.tls.[secretName=global-cd-tls].hosts.0 +- source: + fieldPath: data.cm-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.rules.[host=cm-placeholder-hostname].host + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.tls.[secretName=global-cm-tls].hosts.0 +- source: + fieldPath: data.id-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.rules.[host=id-placeholder-hostname].host + - select: + group: networking.k8s.io + kind: Ingress + name: sitecore-ingress + version: v1 + fieldPaths: + - spec.tls.[secretName=global-id-tls].hosts.0 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/init/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xp1/init/kustomization.yaml new file mode 100644 index 00000000..b22774ad --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/init/kustomization.yaml @@ -0,0 +1,14 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +images: +- name: sitecore-xp1-mssql-init + newName: scr.sitecore.com/sxp/sitecore-xp1-mssql-init + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-solr-init + newName: scr.sitecore.com/sxp/sitecore-xp1-solr-init + newTag: 10.4-ltsc2019 + +resources: + - mssql-init.yaml + - solr-init.yaml \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/init/mssql-init.yaml b/k8s/sxp/10.4/ltsc2019/xp1/init/mssql-init.yaml new file mode 100644 index 00000000..2430f0f4 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/init/mssql-init.yaml @@ -0,0 +1,192 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: mssql-init +spec: + template: + spec: + nodeSelector: + kubernetes.io/os: windows + imagePullSecrets: + - name: sitecore-docker-registry + containers: + - name: mssql-init + image: sitecore-xp1-mssql-init + env: + - name: sitecore_admin_password + valueFrom: + secretKeyRef: + name: sitecore-admin + key: sitecore-adminpassword.txt + - name: SQL_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databasepassword.txt + - name: SQL_ADMIN_LOGIN + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseusername.txt + - name: SQL_SERVER + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: SQL_ELASTIC_POOL_NAME + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-database-elastic-pool-name.txt + - name: Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-username.txt + - name: Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-password.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Web_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-username.txt + - name: Web_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-web-database-password.txt + - name: Forms_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-username.txt + - name: Forms_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-forms-database-password.txt + - name: Exm_Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-exm-master-database-username.txt + - name: Exm_Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-exm-master-database-password.txt + - name: Marketing_Automation_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-username.txt + - name: Marketing_Automation_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-password.txt + - name: Messaging_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-username.txt + - name: Messaging_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-password.txt + - name: Reporting_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-username.txt + - name: Reporting_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Processing_Pools_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-username.txt + - name: Processing_Pools_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-password.txt + - name: Processing_Tasks_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-tasks-database-username.txt + - name: Processing_Tasks_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-tasks-database-password.txt + - name: Processing_Engine_Tasks_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-tasks-database-username.txt + - name: Processing_Engine_Tasks_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-tasks-database-password.txt + - name: Processing_Engine_Storage_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-storage-database-username.txt + - name: Processing_Engine_Storage_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-engine-storage-database-password.txt + - name: Collection_ShardMapManager_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-username.txt + - name: Collection_ShardMapManager_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-password.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sql_Custom_Database_Prefix_Update_From + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-custom-database-prefix-update-from.txt + restartPolicy: Never + backoffLimit: 5 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/init/solr-init.yaml b/k8s/sxp/10.4/ltsc2019/xp1/init/solr-init.yaml new file mode 100644 index 00000000..1efdb3c1 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/init/solr-init.yaml @@ -0,0 +1,27 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: solr-init +spec: + template: + spec: + nodeSelector: + kubernetes.io/os: windows + imagePullSecrets: + - name: sitecore-docker-registry + containers: + - name: solr-init + image: sitecore-xp1-solr-init + env: + - name: SITECORE_SOLR_CONNECTION_STRING + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-connection-string.txt + - name: SOLR_CORE_PREFIX_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr + key: sitecore-solr-core-prefix-name.txt + restartPolicy: Never + backoffLimit: 5 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/k8s-init.ps1 b/k8s/sxp/10.4/ltsc2019/xp1/k8s-init.ps1 new file mode 100644 index 00000000..9cadef50 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/k8s-init.ps1 @@ -0,0 +1,372 @@ +[CmdletBinding()] +Param ( + [ValidateSet("xm1","xp1")] + [string]$Topology = "xp1", + + [string] + [ValidateNotNullOrEmpty()] + $SecretsFolderPath = ".\secrets", + + [string] + $CertDataFolder = ".\secrets\tls", + + [string] + $ConfigmapsDataFolder = ".\configmaps", + + [Parameter(Mandatory = $true)] + [string] + [ValidateNotNullOrEmpty()] + $LicenseXmlPath, + + [string] + $CdHost = "cd.globalhost", + + [string] + $CmHost = "cm.globalhost", + + [string] + $IdHost = "id.globalhost", + + [Parameter(Mandatory = $true)] + [string] + $ExternalIPAddress, + + [Parameter(Mandatory = $true)] + [string] + $SqlUserName, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [Parameter(Mandatory = $true)] + [string] + $SqlUserPassword, + + [string] + $SqlServer = "mssql", + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [Parameter(Mandatory = $true)] + [string] + $SitecoreAdminPassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlCoreDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlFormsDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlMasterDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlWebDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlCollectionShardmapmanagerDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlExmMasterDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlMarketingAutomationDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlMessagingDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingEngineStorageDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingEngineTasksDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingPoolsDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlProcessingTasksDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlReferenceDataDatabasePassword, + + # We do not need to use [SecureString] here since the value will be stored unencrypted in secrets, + # and used only for transient local example environment. + [string] + $SqlReportingDatabasePassword, + + [string] + $SitecoreGalleryRepositoryLocation = "https://nuget.sitecore.com/resources/v2/", + + [string] + $SpecificVersion +) + +$ErrorActionPreference = "Stop"; +[boolean]$RootCertificateCreated = $false; + +$certDataFolderList = @{ + "$CertDataFolder\global-cd" = "$CdHost" + "$CertDataFolder\global-cm" = "$CmHost" + "$CertDataFolder\global-id" = "$IdHost" +} + +$configmapsHostnameList = @{ + "$ConfigmapsDataFolder\cd-hostname" = "$CdHost" + "$ConfigmapsDataFolder\cm-hostname" = "$CmHost" + "$ConfigmapsDataFolder\id-hostname" = "$IdHost" +} + +function InstallModule { + Param( + [String]$ModuleName, + [String]$ModuleVersion + ) + try { + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + if (!$repository) { + $tempRepositoryName = "Temp" + (New-Guid) + Register-PSRepository -Name $tempRepositoryName -SourceLocation $SitecoreGalleryRepositoryLocation -InstallationPolicy Trusted + $repository = Get-PSRepository | Where-Object { $_.SourceLocation -eq $SitecoreGalleryRepositoryLocation } + } + if (!$ModuleVersion) { + $ModuleVersion = (Find-Module -Name $ModuleName -Repository $repository.Name -AllowPrerelease).Version + Write-Host "The Docker tool version was not specified. The latest available '$ModuleVersion' version will be used." -ForegroundColor Green + } + + $moduleInstalled = Get-InstalledModule -Name $ModuleName -RequiredVersion $ModuleVersion -AllowPrerelease -ErrorAction SilentlyContinue + if (!$moduleInstalled) { + Write-Host "Installing '$ModuleName' $ModuleVersion" -ForegroundColor Green + Install-Module -Name $ModuleName -RequiredVersion $ModuleVersion -Repository $repository.Name -AllowClobber -AllowPrerelease -Scope CurrentUser -Force -ErrorAction "Stop" + } + $localModulePath = ((Get-Module $ModuleName -ListAvailable) | Where-Object Version -eq $ModuleVersion.Split("-")[0]).Path + Write-Host "Importing '$ModuleName' '$ModuleVersion' from '$localModulePath' ..." + Import-Module -Name $localModulePath + } + finally { + if ($tempRepositoryName -and ($repository.Name -eq $tempRepositoryName)) { + Unregister-PSRepository -Name $tempRepositoryName + } + } +} + +function Populate-ContentSecrets { + param( + [string]$SecretsFolderPath, + [hashtable]$K8sSecretArray + ) + + Write-Information -MessageData "Starting populating the secret .txt files for '$SecretsFolderPath' folder..." -InformationAction Continue + + $K8sSecretArray.keys | ForEach-Object { + $secretFilePath = Join-Path $SecretsFolderPath $_ + if (Test-Path $secretFilePath -PathType Leaf) { + Set-Content $secretFilePath -Value "$($K8sSecretArray[$_])" -Force -NoNewline + } + } + + Write-Information -MessageData "Finish populating the secret .txt files for '$SecretsFolderPath' folder." -InformationAction Continue +} + +function Add-WindowsHostsFileEntries{ + param( + [string]$Topology, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost, + [string]$ExternalIPAddress + ) + + Write-Information -MessageData "Starting adding Windows hosts file entries for k8s '$Topology' topology..." -InformationAction Continue + + Add-HostsEntry -Hostname "$CdHost" -IPAddress $ExternalIPAddress + Add-HostsEntry -Hostname "$CmHost" -IPAddress $ExternalIPAddress + Add-HostsEntry -Hostname "$IdHost" -IPAddress $ExternalIPAddress + + Write-Information -MessageData "Finish adding Windows hosts file entries for k8s '$Topology' topology." -InformationAction Continue +} + +function Update-ConfigmapsFolder{ + param( + [hashtable]$ConfigmapsHostnameList, + [string]$CdHost, + [string]$CmHost, + [string]$IdHost + ) + + $ConfigmapsHostnameList.Keys | ForEach-Object { + $hostnameFile = $_ + $hostName = $ConfigmapsHostnameList[$_] + + if (!(Test-Path $hostnameFile)) { + Write-Warning -Message "The configmaps hostname '$hostnameFile' path isn't valid. Please, specify another path for hostnames configmaps." + return + } + + # Clear *-hostname file + Clear-Content -Path $hostnameFile + + # Setting new content to the *-hostname file + $hostName | Set-Content $hostnameFile -NoNewline + + Write-Information -MessageData "'$hostnameFile' file was successfully updated." -InformationAction Continue + } +} + +function Create-Certificates{ + param( + [string]$CertDataFolder, + [hashtable]$CertDataFolderList, + [string]$Topology + ) + + if (![string]::IsNullOrEmpty($CertDataFolder)) { + + Write-Information -MessageData "Starting create certificates for k8s '$Topology' topology..." -InformationAction Continue + + # Check that root certificate file already exist in the $CertDataFolder + $existingRootCertificateFile = Get-ChildItem "$CertDataFolder\global-authority\*" -Include *.crt + + if (-not $existingRootCertificateFile){ + + # Create Root Certificate file + $rootKey = Create-RSAKey -KeyLength 4096 + $rootCertificate = Create-SelfSignedCertificate -Key $rootKey -CommonName "Sitecore Kubernetes Development Self-Signed Authority" + Create-CertificateFile -Certificate $rootCertificate -OutCertPath "$CertDataFolder\global-authority\root.crt" + + # Create Certificate and Key files for each Sitecore role + $CertDataFolderList.Keys | ForEach-Object { + $certDataFolderName = $_ + $hostName = $CertDataFolderList[$_] + + if (!(Test-Path $certDataFolderName)) { + Write-Warning -Message "The certificate '$certDataFolderName' path isn't valid. Please, specify another path for certificates." + return + } + + $selfSignedKey = Create-RSAKey + $certificate = Create-SelfSignedCertificateWithSignature -Key $selfSignedKey -CommonName $hostName -DnsName $hostName -RootCertificate $rootCertificate + Create-KeyFile -Key $selfSignedKey -OutKeyPath "$certDataFolderName\tls.key" + Create-CertificateFile -Certificate $certificate -OutCertPath "$certDataFolderName\tls.crt" + } + + Write-Information -MessageData "Finish creating certificates for k8s '$Topology' topology." -InformationAction Continue + return $true + } + else { + Write-Information -MessageData "Certificate files already exist for k8s '$Topology' topology." -InformationAction Continue + return $false + } + + }else { + Write-Information -MessageData "The TLS certificate path is empty. '\upgrade\*' folder doen't contains TLS certificates for k8s '$Topology' topology." -InformationAction Continue + } +} + +function ApplyOrGenerate-DatabasePassword{ + param( + [string]$DatabasePassword + ) + + $password = $null + + if ([string]::IsNullOrEmpty($DatabasePassword)){ + $password = Get-SitecoreRandomString 12 -DisallowSpecial + $password = "Password0_" + $password + }else { + $password = $DatabasePassword + } + + return $password +} + +function Invoke-K8sInit { + if (-not (Test-Path $LicenseXmlPath)) { + throw "Did not find $LicenseXmlPath" + } + if (-not (Test-Path $LicenseXmlPath -PathType Leaf)) { + throw "$LicenseXmlPath is not a file" + } + + # Install and Import SitecoreDockerTools + $ModuleName = "SitecoreDockerTools" + InstallModule -ModuleName $ModuleName -ModuleVersion $SpecificVersion + + $idCertPassword = Get-SitecoreRandomString 12 -DisallowSpecial + $k8sSecretArray = @{ + "sitecore-adminpassword.txt" = $SitecoreAdminPassword + "sitecore-identitycertificate.txt" = (Get-SitecoreCertificateAsBase64String -DnsName "localhost" -Password (ConvertTo-SecureString -String $idCertPassword -Force -AsPlainText) -KeyLength 2048) + "sitecore-identitysecret.txt" = Get-SitecoreRandomString 64 -DisallowSpecial + "sitecore-license.txt" = ConvertTo-CompressedBase64String -Path $LicenseXmlPath + "sitecore-telerikencryptionkey.txt" = Get-SitecoreRandomString 128 -DisallowSpecial + "sitecore-reportingapikey.txt" = "00112233445566778899AABBCCDDEEFF" + "sitecore-identitycertificatepassword.txt" = $idCertPassword + "sitecore-databasepassword.txt" = $SqlUserPassword + "sitecore-databaseusername.txt" = $SqlUserName + "sitecore-databaseservername.txt" = $SqlServer + "sitecore-core-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlCoreDatabasePassword + "sitecore-forms-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlFormsDatabasePassword + "sitecore-master-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlMasterDatabasePassword + "sitecore-web-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlWebDatabasePassword + "sitecore-collection-shardmapmanager-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlCollectionShardmapmanagerDatabasePassword + "sitecore-exm-master-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlExmMasterDatabasePassword + "sitecore-marketing-automation-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlMarketingAutomationDatabasePassword + "sitecore-messaging-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlMessagingDatabasePassword + "sitecore-processing-engine-storage-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingEngineStorageDatabasePassword + "sitecore-processing-engine-tasks-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingEngineTasksDatabasePassword + "sitecore-processing-pools-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingPoolsDatabasePassword + "sitecore-processing-tasks-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlProcessingTasksDatabasePassword + "sitecore-reference-data-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlReferenceDataDatabasePassword + "sitecore-reporting-database-password.txt" = ApplyOrGenerate-DatabasePassword -DatabasePassword $SqlReportingDatabasePassword + "sitecore-media-request-protection-shared-secret.txt" = Get-SitecoreRandomString 64 -DisallowSpecial + "sitecore-graphql-uploadmedia_encryptionkey.txt" = Get-SitecoreRandomString 16 -DisallowSpecial + } + + # Populate the .txt secret files + Populate-ContentSecrets -SecretsFolderPath $SecretsFolderPath -K8sSecretArray $k8sSecretArray + + if (![string]::IsNullOrEmpty($CertDataFolder) -and (Test-Path $CertDataFolder)) { + + # Configure TLS/HTTPS certificates + $RootCertificateCreated = Create-Certificates -CertDataFolder $CertDataFolder -CertDataFolderList $certDataFolderList -Topology $Topology + + if ($RootCertificateCreated){ + # The update for the \configmaps\*-hostname files is if Certificates were created for the custom hostnames. + Update-ConfigmapsFolder -ConfigmapsHostnameList $configmapsHostnameList -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost + + # Install root certificate if it was created + Import-Certificate -FilePath "$CertDataFolder\global-authority\root.crt" -CertStoreLocation "Cert:\LocalMachine\Root" + + # Add Windows hosts file entries + Add-WindowsHostsFileEntries -Topology $Topology -CdHost $CdHost -CmHost $CmHost -IdHost $IdHost -ExternalIPAddress $ExternalIPAddress + } + } +} + +$logFilePath = Join-Path -path (Split-Path -Parent $MyInvocation.MyCommand.Path) -ChildPath "k8s-init-$(Get-date -f 'yyyyMMddHHmmss').log"; +Invoke-K8sInit *>&1 | Tee-Object $logFilePath \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xp1/kustomization.yaml new file mode 100644 index 00000000..2cc78104 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/kustomization.yaml @@ -0,0 +1,119 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +images: +- name: sitecore-xp1-cd + newName: scr.sitecore.com/sxp/sitecore-xp1-cd + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-cm + newName: scr.sitecore.com/sxp/sitecore-xp1-cm + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-id + newName: scr.sitecore.com/sxp/sitecore-id7 + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-cortexprocessing + newName: scr.sitecore.com/sxp/sitecore-xp1-cortexprocessing + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-cortexprocessingworker + newName: scr.sitecore.com/sxp/sitecore-xp1-cortexprocessingworker + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-cortexreporting + newName: scr.sitecore.com/sxp/sitecore-xp1-cortexreporting + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-prc + newName: scr.sitecore.com/sxp/sitecore-xp1-prc + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-xdbautomation + newName: scr.sitecore.com/sxp/sitecore-xp1-xdbautomation + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-xdbautomationrpt + newName: scr.sitecore.com/sxp/sitecore-xp1-xdbautomationrpt + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-xdbautomationworker + newName: scr.sitecore.com/sxp/sitecore-xp1-xdbautomationworker + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-xdbcollection + newName: scr.sitecore.com/sxp/sitecore-xp1-xdbcollection + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-xdbrefdata + newName: scr.sitecore.com/sxp/sitecore-xp1-xdbrefdata + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-xdbsearch + newName: scr.sitecore.com/sxp/sitecore-xp1-xdbsearch + newTag: 10.4-ltsc2019 +- name: sitecore-xp1-xdbsearchworker + newName: scr.sitecore.com/sxp/sitecore-xp1-xdbsearchworker + newTag: 10.4-ltsc2019 +- name: pwsh-initContainer + newName: mcr.microsoft.com/powershell:lts-nanoserver-1809 + +resources: + - configmaps + - cm.yaml + - cd.yaml + - id.yaml + - cortexprocessing.yaml + - cortexprocessingworker.yaml + - cortexreporting.yaml + - prc.yaml + - xdbautomation.yaml + - xdbautomationrpt.yaml + - xdbautomationworker.yaml + - xdbcollection.yaml + - xdbrefdata.yaml + - xdbsearch.yaml + - xdbsearchworker.yaml + +replacements: +- source: + fieldPath: data.cm-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + kind: Deployment + name: cm + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xp1-cm].env.[name=Sitecore_Identity_Server_CallbackAuthority].value + options: + delimiter: '//' + index: 1 + - select: + kind: Deployment + name: id + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xp1-id].env.[name=Sitecore_Sitecore__IdentityServer__AccountOptions__PasswordRecoveryUrl].value + options: + delimiter: '/' + index: 2 + - select: + kind: Deployment + name: id + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xp1-id].env.[name=Sitecore_Sitecore__IdentityServer__Clients__DefaultClient__AllowedCorsOrigins__AllowedCorsOriginsGroup1].value + options: + delimiter: '//' + index: 1 +- source: + fieldPath: data.id-hostname + kind: ConfigMap + name: sitecore-hostnames + version: v1 + targets: + - select: + kind: Deployment + name: cm + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xp1-cm].env.[name=Sitecore_Identity_Server_Authority].value + options: + delimiter: '//' + index: 1 + - select: + kind: Deployment + name: id + fieldPaths: + - spec.template.spec.containers.[name=sitecore-xp1-id].env.[name=Sitecore_Sitecore__IdentityServer__PublicOrigin].value + options: + delimiter: '//' + index: 1 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/kustomization.yaml new file mode 100644 index 00000000..2b3fd12b --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/kustomization.yaml @@ -0,0 +1,22 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ..\..\..\init + +patchesStrategicMerge: + - solr-init.yaml + +images: +- name: sitecore-xp1-solr-init-searchstax + newName: scr.sitecore.com/sxp/sitecore-xp1-solr-init-searchstax + newTag: 10.4-ltsc2019 + +generatorOptions: + disableNameSuffixHash: true +secretGenerator: +- name: sitecore-solr-searchstax + files: + - sitecore-searchstax-apikey.txt + - sitecore-searchstax-account-name.txt + - sitecore-searchstax-deployment-uid.txt \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/sitecore-searchstax-account-name.txt b/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/sitecore-searchstax-account-name.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/sitecore-searchstax-apikey.txt b/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/sitecore-searchstax-apikey.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/sitecore-searchstax-deployment-uid.txt b/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/sitecore-searchstax-deployment-uid.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/solr-init.yaml b/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/solr-init.yaml new file mode 100644 index 00000000..14309743 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/overlays/init/SearchStax/solr-init.yaml @@ -0,0 +1,26 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: solr-init +spec: + template: + spec: + containers: + - name: solr-init + image: sitecore-xp1-solr-init-searchstax + env: + - name: SEARCH_STAX_APIKEY + valueFrom: + secretKeyRef: + name: sitecore-solr-searchstax + key: sitecore-searchstax-apikey.txt + - name: SEARCH_STAX_ACCOUNT_NAME + valueFrom: + secretKeyRef: + name: sitecore-solr-searchstax + key: sitecore-searchstax-account-name.txt + - name: SEARCH_STAX_DEPLOYMENT_UID + valueFrom: + secretKeyRef: + name: sitecore-solr-searchstax + key: sitecore-searchstax-deployment-uid.txt \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/prc.yaml b/k8s/sxp/10.4/ltsc2019/xp1/prc.yaml new file mode 100644 index 00000000..0a07471f --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/prc.yaml @@ -0,0 +1,186 @@ +apiVersion: v1 +kind: Service +metadata: + name: prc +spec: + selector: + app: prc + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: prc + labels: + app: prc +spec: + replicas: 1 + selector: + matchLabels: + app: prc + template: + metadata: + labels: + app: prc + spec: + nodeSelector: + kubernetes.io/os: windows + initContainers: + - name: wait-xdbcollection + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbcollection/healthz/ready).StatusCode -eq 200} catch { $false }));"] + containers: + - name: sitecore-xp1-prc + image: sitecore-xp1-prc + ports: + - containerPort: 80 + env: + - name: Sitecore_InstanceName + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Master_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-username.txt + - name: Master_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-master-database-password.txt + - name: Core_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-username.txt + - name: Core_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-core-database-password.txt + - name: Reporting_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-username.txt + - name: Reporting_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reporting-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Processing_Pools_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-username.txt + - name: Processing_Pools_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-password.txt + - name: Processing_Tasks_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-tasks-database-username.txt + - name: Processing_Tasks_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-tasks-database-password.txt + - name: Sitecore_ConnectionStrings_Reporting.ApiKey + valueFrom: + secretKeyRef: + name: sitecore-reporting + key: sitecore-reportingapikey.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: LOG_LEVEL_VALUE + valueFrom: + secretKeyRef: + name: sitecore-log-level + key: sitecore-log-level-value.txt + - name: Sitecore_ConnectionStrings_Core + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Security + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Core;User ID=$(Core_Database_Username);Password=$(Core_Database_Password); + - name: Sitecore_ConnectionStrings_Master + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Master;User ID=$(Master_Database_Username);Password=$(Master_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Processing.Pools + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.pools;User ID=$(Processing_Pools_Database_Username);Password=$(Processing_Pools_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Processing.Tasks + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.tasks;User ID=$(Processing_Tasks_Database_Username);Password=$(Processing_Tasks_Database_Password); + - name: Sitecore_ConnectionStrings_Reporting + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Reporting;User ID=$(Reporting_Database_Username);Password=$(Reporting_Database_Password); + - name: Sitecore_ConnectionStrings_XConnect.Collection + value: http://xdbcollection + - name: MEDIA_REQUEST_PROTECTION_SHARED_SECRET + valueFrom: + secretKeyRef: + name: sitecore-protect-media-requests + key: sitecore-media-request-protection-shared-secret.txt + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: prc + resources: + requests: + memory: 500Mi + cpu: 200m + limits: + memory: 1.5Gi + cpu: 500m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/kustomization.yaml b/k8s/sxp/10.4/ltsc2019/xp1/secrets/kustomization.yaml new file mode 100644 index 00000000..7612f474 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/kustomization.yaml @@ -0,0 +1,89 @@ +generatorOptions: + disableNameSuffixHash: true +secretGenerator: +- name: sitecore-admin + files: + - sitecore-adminpassword.txt +- name: sitecore-database + files: + - sitecore-databaseusername.txt + - sitecore-databasepassword.txt + - sitecore-databaseservername.txt + - sitecore-collection-shardmapmanager-database-password.txt + - sitecore-collection-shardmapmanager-database-username.txt + - sitecore-core-database-password.txt + - sitecore-core-database-username.txt + - sitecore-exm-master-database-password.txt + - sitecore-exm-master-database-username.txt + - sitecore-forms-database-password.txt + - sitecore-forms-database-username.txt + - sitecore-marketing-automation-database-password.txt + - sitecore-marketing-automation-database-username.txt + - sitecore-master-database-password.txt + - sitecore-master-database-username.txt + - sitecore-messaging-database-password.txt + - sitecore-messaging-database-username.txt + - sitecore-processing-engine-storage-database-password.txt + - sitecore-processing-engine-storage-database-username.txt + - sitecore-processing-engine-tasks-database-password.txt + - sitecore-processing-engine-tasks-database-username.txt + - sitecore-processing-pools-database-password.txt + - sitecore-processing-pools-database-username.txt + - sitecore-processing-tasks-database-password.txt + - sitecore-processing-tasks-database-username.txt + - sitecore-reference-data-database-password.txt + - sitecore-reference-data-database-username.txt + - sitecore-reporting-database-password.txt + - sitecore-reporting-database-username.txt + - sitecore-web-database-password.txt + - sitecore-web-database-username.txt + - sitecore-database-elastic-pool-name.txt + - sitecore-databaseprefix.txt + - sitecore-custom-database-prefix-update-from.txt +- name: sitecore-identitycertificate + files: + - sitecore-identitycertificate.txt + - sitecore-identitycertificatepassword.txt +- name: sitecore-license + files: + - sitecore-license.txt +- name: sitecore-identity + files: + - sitecore-identitysecret.txt +- name: sitecore-graphql + files: + - sitecore-graphql-uploadmedia_encryptionkey.txt +- name: sitecore-telerik + files: + - sitecore-telerikencryptionkey.txt +- name: sitecore-reporting + files: + - sitecore-reportingapikey.txt +- name: sitecore-solr + files: + - sitecore-solr-connection-string.txt + - sitecore-solr-core-prefix-name.txt +- name: sitecore-solr-xdb + files: + - sitecore-solr-connection-string-xdb.txt +- name: sitecore-protect-media-requests + files: + - sitecore-media-request-protection-shared-secret.txt +- name: sitecore-log-level + files: + - sitecore-log-level-value.txt +- name: global-cd-tls + files: + - tls/global-cd/tls.key + - tls/global-cd/tls.crt + type: kubernetes.io/tls +- name: global-cm-tls + files: + - tls/global-cm/tls.key + - tls/global-cm/tls.crt + type: kubernetes.io/tls +- name: global-id-tls + files: + - tls/global-id/tls.key + - tls/global-id/tls.crt + type: kubernetes.io/tls \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-adminpassword.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-adminpassword.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-collection-shardmapmanager-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-collection-shardmapmanager-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-collection-shardmapmanager-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-collection-shardmapmanager-database-username.txt new file mode 100644 index 00000000..44946c85 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-collection-shardmapmanager-database-username.txt @@ -0,0 +1 @@ +shardmapmanageruser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-core-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-core-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-core-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-core-database-username.txt new file mode 100644 index 00000000..1a01ffc1 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-core-database-username.txt @@ -0,0 +1 @@ +coreuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-custom-database-prefix-update-from.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-custom-database-prefix-update-from.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-database-elastic-pool-name.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-database-elastic-pool-name.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databasepassword.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databasepassword.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseprefix.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseprefix.txt new file mode 100644 index 00000000..84e851b6 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseprefix.txt @@ -0,0 +1 @@ +Sitecore \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseservername.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseservername.txt new file mode 100644 index 00000000..a5faf708 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseservername.txt @@ -0,0 +1 @@ +mssql \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseusername.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseusername.txt new file mode 100644 index 00000000..0107e44b --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-databaseusername.txt @@ -0,0 +1 @@ +sa \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-exm-master-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-exm-master-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-exm-master-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-exm-master-database-username.txt new file mode 100644 index 00000000..6b4a10e9 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-exm-master-database-username.txt @@ -0,0 +1 @@ +exmmasteruser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-forms-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-forms-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-forms-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-forms-database-username.txt new file mode 100644 index 00000000..2af61966 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-forms-database-username.txt @@ -0,0 +1 @@ +formsuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-graphql-uploadmedia_encryptionkey.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-graphql-uploadmedia_encryptionkey.txt new file mode 100644 index 00000000..a7ce33d9 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-graphql-uploadmedia_encryptionkey.txt @@ -0,0 +1 @@ +432A462D4A614E64 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-identitycertificate.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-identitycertificate.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-identitycertificatepassword.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-identitycertificatepassword.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-identitysecret.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-identitysecret.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-license.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-license.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-log-level-value.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-log-level-value.txt new file mode 100644 index 00000000..6a34d78a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-log-level-value.txt @@ -0,0 +1 @@ +INFO \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-marketing-automation-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-marketing-automation-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-marketing-automation-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-marketing-automation-database-username.txt new file mode 100644 index 00000000..0d2f9dc0 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-marketing-automation-database-username.txt @@ -0,0 +1 @@ +mauser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-master-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-master-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-master-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-master-database-username.txt new file mode 100644 index 00000000..92db7144 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-master-database-username.txt @@ -0,0 +1 @@ +masteruser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-media-request-protection-shared-secret.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-media-request-protection-shared-secret.txt new file mode 100644 index 00000000..04d929b5 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-media-request-protection-shared-secret.txt @@ -0,0 +1 @@ +HQ(NjM(u6_5koVla-cTf4ta8x1h6Sb+ZcUQrULUz-0Afpx0cx-NuMtIoQkpDFmX5 \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-messaging-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-messaging-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-messaging-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-messaging-database-username.txt new file mode 100644 index 00000000..627db567 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-messaging-database-username.txt @@ -0,0 +1 @@ +messaginguser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-storage-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-storage-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-storage-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-storage-database-username.txt new file mode 100644 index 00000000..0447fe0e --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-storage-database-username.txt @@ -0,0 +1 @@ +processingenginestorageuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-tasks-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-tasks-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-tasks-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-tasks-database-username.txt new file mode 100644 index 00000000..09ab54b3 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-engine-tasks-database-username.txt @@ -0,0 +1 @@ +processingenginetasksuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-pools-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-pools-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-pools-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-pools-database-username.txt new file mode 100644 index 00000000..afa67198 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-pools-database-username.txt @@ -0,0 +1 @@ +processingpoolsuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-tasks-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-tasks-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-tasks-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-tasks-database-username.txt new file mode 100644 index 00000000..8731b1da --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-processing-tasks-database-username.txt @@ -0,0 +1 @@ +processingtasksuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reference-data-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reference-data-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reference-data-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reference-data-database-username.txt new file mode 100644 index 00000000..eec4367d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reference-data-database-username.txt @@ -0,0 +1 @@ +refdatauser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reporting-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reporting-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reporting-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reporting-database-username.txt new file mode 100644 index 00000000..68515d53 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reporting-database-username.txt @@ -0,0 +1 @@ +reportinguser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reportingapikey.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-reportingapikey.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-connection-string-xdb.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-connection-string-xdb.txt new file mode 100644 index 00000000..eea97d74 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-connection-string-xdb.txt @@ -0,0 +1 @@ +http://solr:8983/solr/sitecore_xdb;solrCloud=true \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-connection-string.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-connection-string.txt new file mode 100644 index 00000000..223d335a --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-connection-string.txt @@ -0,0 +1 @@ +http://solr:8983/solr;solrCloud=true \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-core-prefix-name.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-core-prefix-name.txt new file mode 100644 index 00000000..3220fb37 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-solr-core-prefix-name.txt @@ -0,0 +1 @@ +sitecore \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-telerikencryptionkey.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-telerikencryptionkey.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-web-database-password.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-web-database-password.txt new file mode 100644 index 00000000..e69de29b diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-web-database-username.txt b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-web-database-username.txt new file mode 100644 index 00000000..134ed9db --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/sitecore-web-database-username.txt @@ -0,0 +1 @@ +webuser \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-authority/readme b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-authority/readme new file mode 100644 index 00000000..e6e8c9db --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-authority/readme @@ -0,0 +1,2 @@ +Add generated root certificate authority to this folder: + root.crt \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-cd/readme b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-cd/readme new file mode 100644 index 00000000..e9d69a7d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-cd/readme @@ -0,0 +1,3 @@ +Add TLS certificate for cd.globalhost host to this folder: + tls.crt + tls.key \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-cm/readme b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-cm/readme new file mode 100644 index 00000000..4ff9e350 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-cm/readme @@ -0,0 +1,3 @@ +Add TLS certificate for cm.globalhost host to this folder: + tls.crt + tls.key \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-id/readme b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-id/readme new file mode 100644 index 00000000..9e46877e --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/secrets/tls/global-id/readme @@ -0,0 +1,3 @@ +Add TLS certificate for id.globalhost host to this folder: + tls.crt + tls.key \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/device-detection.yaml b/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/device-detection.yaml new file mode 100644 index 00000000..eade3f82 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/device-detection.yaml @@ -0,0 +1,20 @@ +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: device-detection +provisioner: file.csi.azure.com +parameters: + skuName: Standard_LRS +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: device-detection +spec: + accessModes: + - ReadWriteMany + storageClassName: device-detection + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/logs.yaml b/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/logs.yaml new file mode 100644 index 00000000..290c5e6d --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/logs.yaml @@ -0,0 +1,20 @@ +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: logs +provisioner: file.csi.azure.com +parameters: + skuName: Standard_LRS +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: logs +spec: + accessModes: + - ReadWriteMany + storageClassName: logs + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/submit-queue.yaml b/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/submit-queue.yaml new file mode 100644 index 00000000..d88bb2b0 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/volumes/azurefile/submit-queue.yaml @@ -0,0 +1,20 @@ +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: submit-queue +provisioner: file.csi.azure.com +parameters: + skuName: Standard_LRS +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: submit-queue +spec: + accessModes: + - ReadWriteMany + storageClassName: submit-queue + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/device-detection.yaml b/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/device-detection.yaml new file mode 100644 index 00000000..cd894bcf --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/device-detection.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: device-detection +spec: + storageClassName: "" + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + hostPath: + path: "/sitecore/device-detection" + type: DirectoryOrCreate +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: device-detection +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: "" \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/logs.yaml b/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/logs.yaml new file mode 100644 index 00000000..ab4a1098 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/logs.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: logs +spec: + storageClassName: "" + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + hostPath: + path: "/sitecore/logs" + type: DirectoryOrCreate +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: logs +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: "" \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/submit-queue.yaml b/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/submit-queue.yaml new file mode 100644 index 00000000..06aa4a70 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/volumes/hostpath/submit-queue.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: submit-queue +spec: + storageClassName: "" + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + hostPath: + path: "/sitecore/submitqueue" + type: DirectoryOrCreate +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: submit-queue +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: "" \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/xdbautomation.yaml b/k8s/sxp/10.4/ltsc2019/xp1/xdbautomation.yaml new file mode 100644 index 00000000..5e5ce7e1 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/xdbautomation.yaml @@ -0,0 +1,134 @@ +apiVersion: v1 +kind: Service +metadata: + name: xdbautomation +spec: + selector: + app: xdbautomation + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xdbautomation + labels: + app: xdbautomation +spec: + replicas: 1 + selector: + matchLabels: + app: xdbautomation + template: + metadata: + labels: + app: xdbautomation + spec: + nodeSelector: + kubernetes.io/os: windows + initContainers: + - name: wait-xdbcollection + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbcollection/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbsearch + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbsearch/healthz/ready).StatusCode -eq 200} catch { $false }));"] + containers: + - name: sitecore-xp1-xdbautomation + image: sitecore-xp1-xdbautomation + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Marketing_Automation_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-username.txt + - name: Marketing_Automation_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-password.txt + - name: Messaging_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-username.txt + - name: Messaging_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Messaging + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Messaging;User ID=$(Messaging_Database_Username);Password=$(Messaging_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Marketingautomation + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Marketingautomation;User ID=$(Marketing_Automation_Database_Username);Password=$(Marketing_Automation_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + - name: Sitecore_ConnectionStrings_XConnect.Collection + value: http://xdbcollection + - name: Sitecore_ConnectionStrings_XConnect.Search + value: http://xdbsearch + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: xdbautomation + resources: + requests: + memory: 500Mi + cpu: 50m + limits: + memory: 1Gi + cpu: 200m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/xdbautomationrpt.yaml b/k8s/sxp/10.4/ltsc2019/xp1/xdbautomationrpt.yaml new file mode 100644 index 00000000..2d4dfc65 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/xdbautomationrpt.yaml @@ -0,0 +1,111 @@ +apiVersion: v1 +kind: Service +metadata: + name: xdbautomationrpt +spec: + selector: + app: xdbautomationrpt + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xdbautomationrpt + labels: + app: xdbautomationrpt +spec: + replicas: 1 + selector: + matchLabels: + app: xdbautomationrpt + template: + metadata: + labels: + app: xdbautomationrpt + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-xdbautomationrpt + image: sitecore-xp1-xdbautomationrpt + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Marketing_Automation_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-username.txt + - name: Marketing_Automation_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Xdb.Marketingautomation + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Marketingautomation;User ID=$(Marketing_Automation_Database_Username);Password=$(Marketing_Automation_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: xdbautomationrpt + resources: + requests: + memory: 500Mi + cpu: 50m + limits: + memory: 1Gi + cpu: 200m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/xdbautomationworker.yaml b/k8s/sxp/10.4/ltsc2019/xp1/xdbautomationworker.yaml new file mode 100644 index 00000000..8700a5a0 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/xdbautomationworker.yaml @@ -0,0 +1,128 @@ +apiVersion: v1 +kind: Service +metadata: + name: xdbautomationworker +spec: + selector: + app: xdbautomationworker + ports: + - protocol: TCP + port: 8080 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xdbautomationworker + labels: + app: xdbautomationworker +spec: + replicas: 1 + selector: + matchLabels: + app: xdbautomationworker + template: + metadata: + labels: + app: xdbautomationworker + spec: + nodeSelector: + kubernetes.io/os: windows + initContainers: + - name: wait-xdbcollection + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbcollection/healthz/ready).StatusCode -eq 200} catch { $false }));"] + - name: wait-xdbsearch + image: pwsh-initContainer + command: ["pwsh", "-Command", "do { Start-Sleep -Seconds 3 } until ($(try {(iwr http://xdbsearch/healthz/ready).StatusCode -eq 200} catch { $false }));"] + containers: + - name: sitecore-xp1-xdbautomationworker + image: sitecore-xp1-xdbautomationworker + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Messaging_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-username.txt + - name: Messaging_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-password.txt + - name: Marketing_Automation_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-username.txt + - name: Marketing_Automation_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_XConnect.Collection + value: http://xdbcollection + - name: Sitecore_ConnectionStrings_XConnect.Search + value: http://xdbsearch + - name: Sitecore_ConnectionStrings_Xdb.Marketingautomation + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Marketingautomation;User ID=$(Marketing_Automation_Database_Username);Password=$(Marketing_Automation_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + - name: Sitecore_ConnectionStrings_Messaging + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Messaging;User ID=$(Messaging_Database_Username);Password=$(Messaging_Database_Password); + livenessProbe: + exec: + command: + - curl + - http://localhost:8080/healthz/live + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + exec: + command: + - curl + - http://localhost:8080/healthz/ready + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\service\App_Data\Logs + name: logs + subPath: xdbautomationworker + resources: + requests: + memory: 200Mi + cpu: 20m + limits: + memory: 1Gi + cpu: 200m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/xdbcollection.yaml b/k8s/sxp/10.4/ltsc2019/xp1/xdbcollection.yaml new file mode 100644 index 00000000..e1336071 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/xdbcollection.yaml @@ -0,0 +1,147 @@ +apiVersion: v1 +kind: Service +metadata: + name: xdbcollection +spec: + selector: + app: xdbcollection + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xdbcollection + labels: + app: xdbcollection +spec: + replicas: 1 + selector: + matchLabels: + app: xdbcollection + template: + metadata: + labels: + app: xdbcollection + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-xdbcollection + image: sitecore-xp1-xdbcollection + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Messaging_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-username.txt + - name: Messaging_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-password.txt + - name: Marketing_Automation_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-username.txt + - name: Marketing_Automation_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-password.txt + - name: Collection_ShardMapManager_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-username.txt + - name: Collection_ShardMapManager_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-password.txt + - name: Processing_Pools_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-username.txt + - name: Processing_Pools_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Messaging + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Messaging;User ID=$(Messaging_Database_Username);Password=$(Messaging_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Marketingautomation + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Marketingautomation;User ID=$(Marketing_Automation_Database_Username);Password=$(Marketing_Automation_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Processing.Pools + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.pools;User ID=$(Processing_Pools_Database_Username);Password=$(Processing_Pools_Database_Password); + - name: Sitecore_ConnectionStrings_Collection + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Xdb.Collection.ShardMapManager;User ID=$(Collection_ShardMapManager_Database_Username);Password=$(Collection_ShardMapManager_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: xdbcollection + resources: + requests: + memory: 500Mi + cpu: 150m + limits: + memory: 1Gi + cpu: 350m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/xdbrefdata.yaml b/k8s/sxp/10.4/ltsc2019/xp1/xdbrefdata.yaml new file mode 100644 index 00000000..047002d2 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/xdbrefdata.yaml @@ -0,0 +1,99 @@ +apiVersion: v1 +kind: Service +metadata: + name: xdbrefdata +spec: + selector: + app: xdbrefdata + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xdbrefdata + labels: + app: xdbrefdata +spec: + replicas: 1 + selector: + matchLabels: + app: xdbrefdata + template: + metadata: + labels: + app: xdbrefdata + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-xdbrefdata + image: sitecore-xp1-xdbrefdata + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: xdbrefdata + resources: + requests: + memory: 500Mi + cpu: 150m + limits: + memory: 1Gi + cpu: 350m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/xdbsearch.yaml b/k8s/sxp/10.4/ltsc2019/xp1/xdbsearch.yaml new file mode 100644 index 00000000..a27ff5e7 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/xdbsearch.yaml @@ -0,0 +1,156 @@ +apiVersion: v1 +kind: Service +metadata: + name: xdbsearch +spec: + selector: + app: xdbsearch + ports: + - protocol: TCP + port: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xdbsearch + labels: + app: xdbsearch +spec: + replicas: 1 + selector: + matchLabels: + app: xdbsearch + template: + metadata: + labels: + app: xdbsearch + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-xdbsearch + image: sitecore-xp1-xdbsearch + ports: + - containerPort: 80 + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Messaging_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-username.txt + - name: Messaging_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-messaging-database-password.txt + - name: Marketing_Automation_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-username.txt + - name: Marketing_Automation_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-marketing-automation-database-password.txt + - name: Collection_ShardMapManager_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-username.txt + - name: Collection_ShardMapManager_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-password.txt + - name: Processing_Pools_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-username.txt + - name: Processing_Pools_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-processing-pools-database-password.txt + - name: Reference_Data_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-username.txt + - name: Reference_Data_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-reference-data-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Messaging + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Messaging;User ID=$(Messaging_Database_Username);Password=$(Messaging_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Marketingautomation + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Marketingautomation;User ID=$(Marketing_Automation_Database_Username);Password=$(Marketing_Automation_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Processing.Pools + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Processing.pools;User ID=$(Processing_Pools_Database_Username);Password=$(Processing_Pools_Database_Password); + - name: Sitecore_ConnectionStrings_Collection + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Xdb.Collection.ShardMapManager;User ID=$(Collection_ShardMapManager_Database_Username);Password=$(Collection_ShardMapManager_Database_Password); + - name: Sitecore_ConnectionStrings_Xdb.Referencedata + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Referencedata;User ID=$(Reference_Data_Database_Username);Password=$(Reference_Data_Database_Password); + - name: Sitecore_ConnectionStrings_SolrCore + valueFrom: + secretKeyRef: + name: sitecore-solr-xdb + key: sitecore-solr-connection-string-xdb.txt + - name: Sitecore_Sitecore__XConnect__CollectionSearch__Services__Solr.SolrReaderSettings__Options__RequireHttps + value: 'false' + - name: Sitecore_Sitecore__XConnect__CollectionSearch__Services__XConnectSolrHealthCheckServicesConfiguration__Options__RequireHttps + value: 'false' + livenessProbe: + httpGet: + path: /healthz/live + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Liveness + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + httpGet: + path: /healthz/ready + port: 80 + httpHeaders: + - name: X-Kubernetes-Probe + value: Startup + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\inetpub\wwwroot\App_Data\logs + name: logs + subPath: xdbsearch + resources: + requests: + memory: 500Mi + cpu: 150m + limits: + memory: 1Gi + cpu: 350m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file diff --git a/k8s/sxp/10.4/ltsc2019/xp1/xdbsearchworker.yaml b/k8s/sxp/10.4/ltsc2019/xp1/xdbsearchworker.yaml new file mode 100644 index 00000000..9e6687a2 --- /dev/null +++ b/k8s/sxp/10.4/ltsc2019/xp1/xdbsearchworker.yaml @@ -0,0 +1,104 @@ +apiVersion: v1 +kind: Service +metadata: + name: xdbsearchworker +spec: + selector: + app: xdbsearchworker + ports: + - protocol: TCP + port: 8080 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xdbsearchworker + labels: + app: xdbsearchworker +spec: + replicas: 1 + selector: + matchLabels: + app: xdbsearchworker + template: + metadata: + labels: + app: xdbsearchworker + spec: + nodeSelector: + kubernetes.io/os: windows + containers: + - name: sitecore-xp1-xdbsearchworker + image: sitecore-xp1-xdbsearchworker + env: + - name: Database_Server + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseservername.txt + - name: Collection_ShardMapManager_Database_Username + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-username.txt + - name: Collection_ShardMapManager_Database_Password + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-collection-shardmapmanager-database-password.txt + - name: Sitecore_License + valueFrom: + secretKeyRef: + name: sitecore-license + key: sitecore-license.txt + - name: Sql_Database_Prefix + valueFrom: + secretKeyRef: + name: sitecore-database + key: sitecore-databaseprefix.txt + - name: Sitecore_ConnectionStrings_Collection + value: Data Source=$(Database_Server);Initial Catalog=$(Sql_Database_Prefix).Xdb.Collection.ShardMapManager;User ID=$(Collection_ShardMapManager_Database_Username);Password=$(Collection_ShardMapManager_Database_Password); + - name: Sitecore_ConnectionStrings_SolrCore + valueFrom: + secretKeyRef: + name: sitecore-solr-xdb + key: sitecore-solr-connection-string-xdb.txt + - name: Sitecore_Sitecore__XConnect__SearchIndexer__Services__Solr.SolrReaderSettings__Options__RequireHttps + value: 'false' + - name: Sitecore_Sitecore__XConnect__SearchIndexer__Services__Solr.SolrWriterSettings__Options__RequireHttps + value: 'false' + - name: Sitecore_Sitecore__XConnect__CollectionSearch__Services__XConnectSolrHealthCheckServicesConfiguration__Options__RequireHttps + value: 'false' + livenessProbe: + exec: + command: + - curl + - http://localhost:8080/healthz/live + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 3 + startupProbe: + exec: + command: + - curl + - http://localhost:8080/healthz/ready + timeoutSeconds: 300 + periodSeconds: 30 + failureThreshold: 10 + volumeMounts: + - mountPath: C:\service\App_Data\Logs + name: logs + subPath: xdbsearchworker + resources: + requests: + memory: 400Mi + cpu: 50m + limits: + memory: 1Gi + cpu: 300m + volumes: + - name: logs + persistentVolumeClaim: + claimName: logs + imagePullSecrets: + - name: sitecore-docker-registry \ No newline at end of file